urlscan.io logo urlscan.io
SecurityTrails logo

bgitopazdowntown.ddireal.vn Open in urlscan Pro
116.118.50.194  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4...
Submission: On February 02 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 81 HTTP transactions. The main IP is 116.118.50.194, located in Ho Chi Minh City, Viet Nam and belongs to AZDIGI-AS-VN AZDIGI Corporation, VN. The main domain is bgitopazdowntown.ddireal.vn.
This is the only time bgitopazdowntown.ddireal.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

IP Address AS Autonomous System
2 116.118.50.194 63760 (AZDIGI-AS...)
51 104.83.4.42 20940 (AKAMAI-ASN1)
18 104.83.4.32 20940 (AKAMAI-ASN1)
1 104.76.155.103 16625 (AKAMAI-AS)
3 104.76.144.209 16625 (AKAMAI-AS)
1 13.224.103.128 16509 (AMAZON-02)
2 2 142.250.180.230 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.65.230 54113 (FASTLY)
2 35.241.45.82 15169 (GOOGLE)
81 10
2    116.118.50.194 (Ho Chi Minh City, Viet Nam)

ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)
bgitopazdowntown.ddireal.vn
51    104.83.4.42 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-42.deploy.static.akamaitechnologies.com
connect.secure.wellsfargo.com
18    104.83.4.32 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-32.deploy.static.akamaitechnologies.com
static.wellsfargo.com
1    104.76.155.103 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-155-103.deploy.static.akamaitechnologies.com
www10.wellsfargomedia.com
3    104.76.144.209 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-144-209.deploy.static.akamaitechnologies.com
www15.wellsfargomedia.com
1    13.224.103.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-128.zrh50.r.cloudfront.net
awusw-wfr.advanced-web-analytics.com
2    142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
1    151.101.65.230 (United States)

ASN54113 (FASTLY, US)
resources.digital-cloud-prem.medallia.com
2    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Apex Domain
Subdomains		 Transfer
69 wellsfargo.com
connect.secure.wellsfargo.com — Cisco Umbrella Rank: 12734
static.wellsfargo.com — Cisco Umbrella Rank: 12058
1 MB
4 wellsfargomedia.com
www10.wellsfargomedia.com — Cisco Umbrella Rank: 16702
www15.wellsfargomedia.com — Cisco Umbrella Rank: 24313
683 KB
2 kampyle.com
udc-neb.kampyle.com — Cisco Umbrella Rank: 2002
578 B
2 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 184
970 B
2 ddireal.vn
bgitopazdowntown.ddireal.vn
29 KB
1 medallia.com
resources.digital-cloud-prem.medallia.com — Cisco Umbrella Rank: 12420
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8741
231 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 70
567 B
1 advanced-web-analytics.com
awusw-wfr.advanced-web-analytics.com — Cisco Umbrella Rank: 25585
519 B
0 rlcdn.com Failed
api.rlcdn.com Failed
81 10
Domain Requested by
51 connect.secure.wellsfargo.com bgitopazdowntown.ddireal.vn
connect.secure.wellsfargo.com
18 static.wellsfargo.com bgitopazdowntown.ddireal.vn
static.wellsfargo.com
3 www15.wellsfargomedia.com connect.secure.wellsfargo.com
2 udc-neb.kampyle.com static.wellsfargo.com
2 ad.doubleclick.net 2 redirects
2 bgitopazdowntown.ddireal.vn bgitopazdowntown.ddireal.vn
1 resources.digital-cloud-prem.medallia.com static.wellsfargo.com
1 adservice.google.de bgitopazdowntown.ddireal.vn
1 adservice.google.com 1 redirects
1 awusw-wfr.advanced-web-analytics.com connect.secure.wellsfargo.com
1 www10.wellsfargomedia.com bgitopazdowntown.ddireal.vn
0 api.rlcdn.com Failed static.wellsfargo.com
81 12

This site contains no links.

Subject Issuer Validity Valid
connect.secure.wellsfargo.com
DigiCert EV RSA CA G2		 2022-10-11 -
2023-10-11		 a year crt.sh
static.wellsfargo.com
DigiCert EV RSA CA G2		 2022-10-12 -
2023-10-12		 a year crt.sh
www10.wellsfargomedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-05 -
2023-04-05		 a year crt.sh
www15.wellsfargomedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-14 -
2023-11-16		 a year crt.sh
*.advanced-web-analytics.com
GeoTrust TLS RSA CA G1		 2022-05-09 -
2023-05-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
resources.digital-cloud-prem.medallia.com
R3		 2023-01-08 -
2023-04-08		 3 months crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2022-02-28 -
2023-03-31		 a year crt.sh

This page contains 7 frames:

Primary Page: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Frame ID: C1A2BB0664BF6DCDE9A1281ADB9FF766
Requests: 59 HTTP requests in this frame

Frame: https://awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&es=eyJpIjoieUtEYmY3cWF3c2hlOCtaR1FlUGZGUT09IiwiZSI6IjRkaW1sRlplN1BxRml2MXNzUFliUklVNCtOUHMxZ2N2VkxOMkFiRnM3dDdhZVlcL296cDV1YVlMQ2VNV1FoUmVPUUdpbHd1UTNDcXlHQ1F3U2VEMW9KKzhEMXRheWY3WGFFak55MzU3NGF0cDNTSWV2TFVLTnlMYnBcL0Rma1FTUkhNNGtKZEZUYlwvN09PZGJvQUZBMVdBUT09In0%3D.35b80a1843485b4f.ZDlmNmM0MWZiN2UxZmJmMDE1NTZmMTE4MGRkOTIxNjYxZmNjMGQyMGZkNWZhMjBhZmVmYjkxMjMwYTBjZGI4Nw%3D%3D&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499573777406
Frame ID: D382617A12577623ABAA399C15049DEF
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
Frame ID: 6162D0E83A4F164F79BFA3BDADA7460C
Requests: 5 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
Frame ID: C19A68C0E240C65CE55A1C91388A7BA2
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769386464
Frame ID: 672AEA1180D9C1DD4B2A4DE451F723E6
Requests: 5 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769942938
Frame ID: D4659028BB25359EA802E45DC14D1666
Requests: 5 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/farmbook.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
Frame ID: 8448F526CFAC1A723EE8B085566DB5CD
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign On to View Your Personal Accounts | Wells Fargo

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js

Page Statistics

81
Requests

96 %
HTTPS

10 %
IPv6

10
Domains

12
Subdomains

10
IPs

4
Countries

2042 kB
Transfer

4271 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545 HTTP 302
  • https://adservice.google.com/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/ HTTP 302
  • https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signon.php
bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/ 		105 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Server
116.118.50.194 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
26fbfe958bfab19d28484b3b379e912c26deb4373a95ab634138817b1cc8fd4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Keep-Alive
content-encoding
gzip
content-length
26919
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 02:29:54 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
/
connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/ 		541 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/?q=NDX%3A%25pR%20Z*d%20UcHG4Pt6k%3F%22KmP%3Ck%3B0G%3A.y7xpE%3DG%3CAp39dLl%25N%3EKJ%60%5D%27sX5rJ!u%25%3Fr%5E8p.%5ErA4m!3mC5%3E1%3D-h%2C9LL%23lK%3E%7D2eH%3Ca4L1ozMnA%23jQ%5Ec%7B%3A%25%40u%20pC%3E%22%22hlFg%40TuXBp55t%5D)z%23XnOmGPSF7L%2BF%3DnClfQsD6%7D%25)Pu%5Cd-r%27OD0f79j%22c%3CS%5E%7BG(_9vX%25qE7A%7B%3Db%3BX9t5%3Bn9N%2FbLlHQ%3B%60uN)EgyY_t0V%3A%3C%7D%5EKE%5Er4%3A%27g%3Bg%5C%407imewVcr%25teRf_hebAfazc9N%20(Zn49Kbx%60%607%2BcfRwO-zVD%5DD9Q%22%7CzFw%5E%5C9Rdkl0fCT%7D8%2B%7DTMeZ.zW%5CzR%2Bb%3D%27aG9!1-%3Bn3L%5D%5EGn5i%3C%5Bk%5B%20SI%5Bp%5C%22iCzH7J%3EKY!%24J1i%2C%2Fg%24a(F%3CiS%2B%2F%7CMcu%40auRzp.%27P6%40z%24RvL%22%2BWuNGn%3CH1j_Ux4%404%3Cs%20-qB86j6uO3Mw9q9Q2s2lEDh%5B05%3E%20.dBfSHg!%2CfOU%5EV%7DG5y%3Ak1b*3.RB7WS%26JAL%7D%5DcIpX%7D6a%7BCB%2FR%23
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b1a0678af2f7346a118ac4ce78421bb4028ccbb91a9d4bca3488da1738a662e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Vary
Origin,Referer
Access-Control-Allow-Methods
GET, POST
Content-Type
application/javascript
Access-Control-Allow-Origin
http://bgitopazdowntown.ddireal.vn
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Length
541
x-xss-protection
1; mode=block
ga_conversion_async.js
static.wellsfargo.com/tracking/ga/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/ga_conversion_async.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
ETag
W/"613a44c0-8c31"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
13593
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
nd
connect.secure.wellsfargo.com/jenny/ 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/jenny/nd
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
236fff12965c5b5b0d7bb2936078c951669c6f9227b8a74d39dbdbc98545904b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
accept-encoding
X-Frame-Options
DENY
Content-Type
application/javascript;charset=ISO-8859-1
Connection
keep-alive
Content-Length
17973
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?id=AW-984436569
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
ytc.js
static.wellsfargo.com/tracking/ytc/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ytc/ytc.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
052776ce5bb96d76cced9b9d9d5cc8ab2110e33eaba59f6cd3259642a83ff4d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 15 Jul 2021 21:00:28 GMT
ETag
W/"60f0a1ec-3ad3"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
5614
X-XSS-Protection
1; mode=block
general_alt.js
connect.secure.wellsfargo.com/auth/login/static/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIB30aSBAQAAaON8e0THKEG-EABBQKIADdpWWv5DyTHstHopwQkaHgNyXtDA&X-G2Q3kxs3--z=q
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:55 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
text/plain; charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 02 Feb 2023 02:29:55 GMT
wfui.5d3fa5b6daab852c2a31.chunk.css
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/ 		99 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fea85638d902b7d705d72aa9776531c035371a16774f0e52be50c0638c6eb110
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 02 Feb 2023 02:29:54 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
16482
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:22 GMT
ETag
"629ffc26-4062"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
main.b3b5f355e18c2c42a801.chunk.css
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.b3b5f355e18c2c42a801.chunk.css
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e68ea9ca9cce32f91979f88142e963f0ff950cc1f1b6c3246eaaaf2f3091c58
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 02 Feb 2023 02:29:54 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
2005
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:21 GMT
ETag
"629ffc25-7d5"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
glu.js
connect.secure.wellsfargo.com/AIDO/ 		68 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/glu.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c1408af268dd0f50496137e75c1127cde1fd8d696ea5f4bb6ed93feb6a59df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Date
Thu, 02 Feb 2023 02:29:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection
keep-alive
Content-Length
37087
X-XSS-Protection
1; mode=block
Pragma
no-cache
max-age
0
Vary
Origin, Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Expires
-1
utag.3.js
static.wellsfargo.com/tracking/secure-auth/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.48.202112091836
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3636799d3181248d5db968a7851b9aa972ea77f64b3cba9ce6b0a8933106c0c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 03 Dec 2020 23:04:06 GMT
ETag
W/"5fc96ee6-15f9"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
2186
X-XSS-Protection
1; mode=block
utag.4.js
static.wellsfargo.com/tracking/secure-auth/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.48.202108231941
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d05c6eece255484babbedeb74b3a5b19daaa9763049e08362b82cfdf1fc8bfbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 23 Sep 2021 21:00:33 GMT
ETag
W/"614ceaf1-16e0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
1663
X-XSS-Protection
1; mode=block
utag.5.js
static.wellsfargo.com/tracking/secure-auth/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.48.202202030106
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60d47dd37dff7fa5a9353b251f9d54bbbfc2d9564003d347a85075d046ecee7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 22 Sep 2022 20:06:42 GMT
ETag
W/"632cc052-1c52"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
2392
X-XSS-Protection
1; mode=block
utag.7.js
static.wellsfargo.com/tracking/secure-auth/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.48.202010230514
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c4cf53fef9222fc5d6659fa4b776fe20d64c46886c3d96547aaae16134afb2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Wed, 28 Oct 2020 21:48:43 GMT
ETag
W/"5f99e73b-28df"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
3220
X-XSS-Protection
1; mode=block
utag.10.js
static.wellsfargo.com/tracking/secure-auth/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.48.202102191956
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9184b3835b9cda7302210700cdc5050c5c207682d69c3fbe9e78356cffb65391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 04 Mar 2021 00:30:32 GMT
ETag
W/"60402a28-50bb"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
5672
X-XSS-Protection
1; mode=block
utag.9.js
static.wellsfargo.com/tracking/secure-auth/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.48.202108231941
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34d6af1ed862f62ede259dedabcadba6446c1e9182cd70b19c66cb3acedae93d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 23 Sep 2021 21:00:33 GMT
ETag
W/"614ceaf1-2bba"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
3522
X-XSS-Protection
1; mode=block
utag.15.js
static.wellsfargo.com/tracking/secure-auth/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.48.202109220050
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
384f41d37d3a9be1a72e761589096fcce4119150ea81ead29ba758514d321e94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 23 Sep 2021 21:00:33 GMT
ETag
W/"614ceaf1-ebc"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
1682
X-XSS-Protection
1; mode=block
mint.js
connect.secure.wellsfargo.com/AIDO/ 		266 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7640382844861511
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2c7f6fecd28e86320a8d43335184efd3f1360beaefc6b7f9738abeaf3045ab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
149069
X-XSS-Protection
1; mode=block
Expires
-1
pic.js
connect.secure.wellsfargo.com/PIDO/ 		87 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.8426445611056853
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37e2ca5b89df006a42ecf0d523ab9a5df6ed27ae4139a53ffc372dbeb0876b95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
50326
X-XSS-Protection
1; mode=block
Expires
-1
trx.js
connect.secure.wellsfargo.com/AIDO/ 		106 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/trx.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34cfd621f312275ea25a51ea65b3b53809de7b2a9cf93a53b71a88804f0d894f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
53994
X-XSS-Protection
1; mode=block
Expires
-1
try.js
connect.secure.wellsfargo.com/AIDO/ 		73 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/try.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3800820bbccbdc7e2ed0ebb7ba2540ec046676b403c3a8894f41da658d6e00a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
39461
X-XSS-Protection
1; mode=block
Expires
-1
ay6u
connect.secure.wellsfargo.com/AIDO/ 		142 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjJhYWY5NTg4OS0yMDZiLTQ1N2UtOWQzNC0xMGE0NDYwY2U3YTUlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=tasfxhz_xfidlmov&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db27897282a9c24bf21eeb7cebabf3cc9feec5d7d7676498f7809e632a1a6502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
142
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		141 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIycGlkJTIyJTNBNDQ3OTI0NzcwJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTElMkMlMjJ0cyUyMiUzQTE2NTYzMjkyMDYwNjAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTQ3Nzg4JTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=lawigr_kbuauxo_m&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a830d0edb2a0425d62b04c2f2833ad08a47735bc655cab5b29b27d3b522639fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
141
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		132 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIybDR3bm1iY2Q3a2hla3h2ZGR1ayUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=dklzlamqibulxmua&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61a097bc2513efb34dee32ba60be8df34a5e2d3f9f833065c47fe18b89907662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
132
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0EyJTJDJTIydHMlMjIlM0ExNjU2MzI5MjI2NTczJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5MTE1MDclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=esdkbhzwxugbfrfa&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db341d5481f4f4821d615925d8832d4670c0be64ec82a973bbbb692b8ae1b97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0EzJTJDJTIydHMlMjIlM0ExNjU2MzI5MzA2NTIyJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E0NDg2NTclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=zpuevxekebkkqzyz&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05413f45f5993fb5a248861440bb0ef62b51aabeb798c6bc82a33f3e8659b866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E0JTJDJTIydHMlMjIlM0ExNjU2MzI5Mzc3ODc4JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0EzNTM4MjUlN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=stdgds_icz__zvhk&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20b90132f5e2d51fe8edeaff395c1f75127775d81cf65b33a863eb2ed95edf51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E1JTJDJTIydHMlMjIlM0ExNjU2MzI5MzgwNjcwJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5NTUzODklN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=hsxdfhsfonvcksrz&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7da443f39799d3ff07e43890054b7888b5f3c2d91b68b9e23a4cc4fa5e037701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E2JTJDJTIydHMlMjIlM0ExNjU2MzI5NDI0NDA5JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0ExNzE5NzUlN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=hronhtcntiapovlh&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd320a1a5b4aa6e2026cb92ddd25306bbb52efcb74837ad3e9958fec2643a5c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E3JTJDJTIydHMlMjIlM0ExNjU2MzI5NDI3OTQ0JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E0OTExNDclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=tmhuhxuddiamtoys&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43091c732a9e1f1b0e59c674512e6b66265eec2beff0e764396f1e08e1941eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E4JTJDJTIydHMlMjIlM0ExNjU2MzI5NTA3NTAxJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5MzYxNCU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=lqrrtixbvptwrupv&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91e4378e57724619356caa4ca5a9af2c2c668b503f7b2113b1a8eaee7254db2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E5JTJDJTIydHMlMjIlM0ExNjU2MzI5NjUyNDM0JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E4OTg1OTclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgvvbn_cpqputmas&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef4215a4282e51c566934c7b8f4a910da16a539c29292d69e536ff06ddbddde9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0ExMCUyQyUyMnRzJTIyJTNBMTY1NjMyOTY1NTg3NyUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBMzM2Mjk2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=fpkngzkdahnngdzl&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18abcbfd674a00d68a13975ada85e901f4ee842ad94c06eef35ef13e071e19c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0ExMSUyQyUyMnRzJTIyJTNBMTY1NjMyOTY4MDM0MSUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNjkwNzQyJTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=mkelibaqu_rvuwbv&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f90598e6dd9e9b38ce71662badd8516ee1f6633e8b472e10824e60f441594b17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0ExMiUyQyUyMnRzJTIyJTNBMTY1NjMyOTY4NzIyMiUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNjc0MDk1JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=prbrcxwatzwqdxwq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe5a6f8b61d3b055e92d347163a4715675351eaa6393364341e823d66406b861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0ExMyUyQyUyMnRzJTIyJTNBMTY1NjMyOTY5NTc4OCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBMjExMDk5JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=zlhbpoezzaimha_l&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28c7a1b0b0cfc11cbada099c30a82676e1ccad9b3120b17efdd3d426b4a9ce94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
COB-BOB-IRT-enroll_balloons.jpg
www10.wellsfargomedia.com/auth/static/images/ 		611 KB
613 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.155.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-155-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 02:29:55 GMT
last-modified
Tue, 06 Dec 2022 02:52:13 GMT
etag
"638eae5d-98b19"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
image/jpeg
allow
GET, POST, OPTIONS
cache-control
max-age=10368000
accept-ranges
bytes
content-length
625433
x-xss-protection
1; mode=block
expires
Fri, 02 Jun 2023 02:29:55 GMT
sub.png
bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/sub.png
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Server
116.118.50.194 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
85f39a9e87ea01745f1ac1475b364af858780a16798712130d27ef5741ad4431

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:29:55 GMT
last-modified
Fri, 04 Nov 2022 05:12:30 GMT
server
LiteSpeed
etag
"69a-63649f3e-16293c;;;"
content-type
image/png
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
1690
expires
Thu, 09 Feb 2023 02:29:55 GMT
wfui.11759b41ee721f527bba.chunk.js
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/ 		804 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/wfui.11759b41ee721f527bba.chunk.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a6e52e46f30c7dc4e41a706d9008c258593f367fd4dd7df1bfcca090444aba01
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 02 Feb 2023 02:29:55 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
206303
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:21 GMT
ETag
"629ffc25-325df"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
main.2c70436e78e79e8ed3b8.chunk.js
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/main.2c70436e78e79e8ed3b8.chunk.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00fb0d4cdf817e417a1debd18edda41c97d9dbb75bb9778ff001c1b727795154
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 02 Feb 2023 02:29:55 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
6493
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:57 GMT
ETag
"629ffc49-195d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
utag.js
static.wellsfargo.com/tracking/secure-auth/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6478879db9ed10ac3e8ada3fbd66208b544cced5c08040333ac2334c8aa8b48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 24 Jan 2023 07:23:58 GMT
ETag
W/"63cf878e-8485"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
10074
X-XSS-Protection
1; mode=block
ttms.gif
static.wellsfargo.com/tracking/reporting/ 		43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=11202206270424411143497415&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:55 GMT
$host
wellsfargo.com
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 16 Jan 2020 21:55:22 GMT
ETag
"5e20dbca-2b"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST
Content-Type
image/gif
Allow
GET, POST, OPTIONS
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1; mode=block
wellsfargosans-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.144.209 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-144-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

Request headers

Referer
https://connect.secure.wellsfargo.com/
Origin
http://bgitopazdowntown.ddireal.vn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:29:55 GMT
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
etag
"5c7595ba-5798"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22424
expires
Fri, 02 Feb 2024 02:29:55 GMT
wellsfargosans-sbd.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.144.209 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-144-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

Request headers

Referer
https://connect.secure.wellsfargo.com/
Origin
http://bgitopazdowntown.ddireal.vn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:29:55 GMT
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
etag
"5c7595ba-5848"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22600
expires
Fri, 02 Feb 2024 02:29:55 GMT
wellsfargoserif-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.144.209 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-144-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310

Request headers

Referer
https://connect.secure.wellsfargo.com/
Origin
http://bgitopazdowntown.ddireal.vn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:29:55 GMT
last-modified
Mon, 11 Mar 2019 20:52:01 GMT
etag
"5c86ca71-6854"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26708
expires
Fri, 02 Feb 2024 02:29:55 GMT
mech.html
awusw-wfr.advanced-web-analytics.com/AIDO/ Frame D382 		0
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&es=eyJpIjoieUtEYmY3cWF3c2hlOCtaR1FlUGZGUT09IiwiZSI6IjRkaW1sRlplN1BxRml2MXNzUFliUklVNCtOUHMxZ2N2VkxOMkFiRnM3dDdhZVlcL296cDV1YVlMQ2VNV1FoUmVPUUdpbHd1UTNDcXlHQ1F3U2VEMW9KKzhEMXRheWY3WGFFak55MzU3NGF0cDNTSWV2TFVLTnlMYnBcL0Rma1FTUkhNNGtKZEZUYlwvN09PZGJvQUZBMVdBUT09In0%3D.35b80a1843485b4f.ZDlmNmM0MWZiN2UxZmJmMDE1NTZmMTE4MGRkOTIxNjYxZmNjMGQyMGZkNWZhMjBhZmVmYjkxMjMwYTBjZGI4Nw%3D%3D&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499573777406
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-128.zrh50.r.cloudfront.net
Software
haile /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 02 Feb 2023 02:29:56 GMT
expires
0
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pics-label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
pragma
no-cache
server
haile
via
1.1 03b8fedec120c9a0833a57a86eae03ae.cloudfront.net (CloudFront)
x-amz-cf-id
I-Ij1vwpDzeLDvqty32QeuvSTLtML3vwa0WseG_yDEZJp432Gv_YWw==
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
gateway.html
connect.secure.wellsfargo.com/AIDO/ Frame 6162 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
151d7074a3e9c4b7edc543d08bc2123ce20040f038e318b2a011e8d1f68a6087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8564
Content-Type
text/html
Date
Thu, 02 Feb 2023 02:29:56 GMT
Expires
Thu, 02 Feb 2023 03:29:56 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Accept-Encoding
X-Akamai-Transformed
9 10805 0 pmb=mTOE,1
X-XSS-Protection
1; mode=block
max-age
0
/
adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;... Frame C19A
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=12086686...
  • https://ad.doubleclick.net/ddm/activity/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1...
  • https://adservice.google.com/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.16...
  • https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.165...
42 B
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
42
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 02:29:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 02:29:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CLT5xbnl9fwCFRwKewodWD4J1Q;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
idl
api.rlcdn.com/api/identity/ 		0
0
utag.21.js
static.wellsfargo.com/tracking/secure-auth/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.21.js?utv=ut4.49.202210132016
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6d94388f08f73ea73adbfa84c4ec5bff48ba7130e76c71479fcbf832c302d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 07 Nov 2022 21:02:08 GMT
ETag
W/"63697250-1123"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
1841
X-XSS-Protection
1; mode=block
medallia-digital-embed.js
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
988ce210a0f58c104e2c122eb42338ddd85ff2e33b9b0ffe3af2d7df9e2b00ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Wed, 12 Oct 2022 20:08:15 GMT
ETag
W/"63471eaf-798"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
819
X-XSS-Protection
1; mode=block
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 6162 		182 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 05 Dec 2022 18:21:50 GMT
ETag
"c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
72934
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 6162 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:56 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 6162 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
generic1661785830759.js
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/ 		339 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.32 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c567736fbf5b10d4933ff5632a372890f0cd43804f0e17ec9d5c8b1c9b8a14ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Wed, 12 Oct 2022 20:08:15 GMT
ETag
W/"63471eaf-54d3a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
78340
X-XSS-Protection
1; mode=block
vyHb
connect.secure.wellsfargo.com/AIDO/ 		90 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEArTHg3UzVQUTJmSnMzbklrWElxWFFZVEFFZ0xpbk5WbzJvS0E4OTZLUCtGQVdYTXZoRWRyWk9qYmFBdmk4ZllJcks5dG0vWW9yUkh1bHMrSmdQTE9lem4zenUvNG1wcGNRMUp4TUZUU0VidFVMY21ZNGtuQlpQOXZVek5vbHNBVnJ4ZjY5Zis4NEtVa2pKaDJIcUxiN0xBekwwMU1HVk9PbzBZUEtnUU5Wc0N2K01adnAwZVhkU0Q2ZmQrbjZqR1dQZEFTaEdJSDFiZ1VnSUw0c0lIVWRqaEpERmtkVXV2RHF0aTloT3Rla1k2cjN5VUgweHhPVmFzQjlxbEc1SDVoTmUrQXFXWE1xUWR6S2NkZC8vcUdSaGEzWlVUbVRWYUtpSzJFS3dDbW9RPT18ZWQ1MTJkZGU5OTEyNDcyZjliNjVjNzc1MmY3OWE3M2I3MzgzYTM4ZWI1NTgxY2NkYWFkYjQ3YjE0ZTdhN2YyMmIxMjcyN2E5MmEwZDU0OTVmNmQ3ZGFhNjY1NDI4Mzg3NTU0ODMxMWFiOGE5MDFhODQ3YTQ4MDVmZjdiNTkxY2FjYTlhODBiODJlZjcxYjhhNWRhNzlmY2JmNDIzNTUxNzlmNDM5NjA1NDgyZGQ0OTlhMGFlY2MwZGI0NWZmNGQ3OTQyYmFhZGJmMjk0ZDEyMWRiNTFiYmVmMWVlZTZmNzQ3OWU1NmFhY2Q1OGI1ZmRhODhlNDI1MTIyOGJjNTBlNjAyZmI4ZmNiMDE4NDk4MjgwZjM0NmM2YWYxYjhhNTY4ZDU0MmRhOWExZThkZTkzNTcyYWM2ZWE2YWQ4YzRmOGM0Mjk4ZGRiYmY4MzJjNDQwNWRmMjU4MTA4MTg0YzVmYjc1ZGU3MTExY2EyMTRmNDMzOTA5ZjYwYWQzZWU3ZmE1Zjc4OTJhMmY2NmI2MWQ2YThmY2ZmMjUxZDFhMGEyNjdjZjRmNDU5NDE1MzVmZmFjNmEwZjZiNDhiOWZmM2FmN2YyOWU0MWM4YjMyY2Y2N2Q3N2IzN2EyNzg2MjhlOGU2YWEyN2JjNGZiZjZlZmU0OTNmZWQyMTljNDk0YzZlZDl8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C33&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=bcvtmreewhz_hz_v&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ef2eda58c8580e102bdfe3795e2c13129255f412aee9abfe19562e5bf959ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
90
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		89 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEB3Tm5MTEpvOGNoZUhObERVUVozaWtLT0Z5OTlyZU1qUHNWSUQ3bDBkNXFSQytEVllxcDFPRmIrNWw4enE0UnEwNGIwQ1ltK2VuQ2JySGdVaytUU0FUTUVja1ZjV1NyNmhFMlFOODFTK3JOTDhzQXhaaW5HMTVscVNQT0JjT2tOb1VjbVBzdkpzaTdMMDBzbWVBcjFHNmdkYzN3L1RQZ1BOZGx4aXZTaXpXR2RZaGt5TGk3ZlI3TDBjV1ptT0pGZUphSkw5b0sxVFNqaUN3MCt3bDZISGxKS1VBaFBkOUlFamV2SFM3Y29qb1FleDBiL3A1VTNnNGhZTXF5V3d6bEtPQisydGU3Nk0wNVkvcWNuT0hqcy9xa3Bmbm9pQzZhYnlVb2Q3M0RDeGIzVis2NjVFSG9Ra01kUThBeTZLbE54OXlBREdkZlBZQVpNQUZ2eWVQeU1kZ0k3dVRucUIrVlZtRmlmeUVKMjJxMjYwelJJc3ZvTkRWcjF0U3JxbHdScFdxcWljR1I2c2dtaCsrZDdVbExmVlh0Y290cXFYUXo3Y2I4YTFrekw5bDVCMTZwMTI0MWpXTFczenZCZk8xUEc2blJPRUpQbk5RL1QzY2Zqc3EvS2JYeHdPN0crTjFWbndqSEgrWGtGelZaekJaQ1FrL3BzdFp1LzRDSGtGdWtva2lUdVFVYjhLV01SMlVBckR2MmY0aXA2Ri84RUJRTlV3a0o1d2JyNUsyNnNhWElSZFUwaWE3MlF1enFkR2R3SCtzWHdvSXRoM1Y2Q1B5a3pocngrQytoTXdMeTdtazg2THJSdmkyay81dFVLMnJ5bWZqMmZ4bzh3dTZsbEFDdGladG5KbEFaKzhsYnhEcElnVnVUU3RwOUtqR3I5UDE3UDBuRFpIOHFEWHZUeUhWc2dtOHMvaXJNcU5xL2dpNHozQU5lODZEQkNTZ3pmSmNqNWhOTGExZlExay84bEttTCt5NUNidXdsZWtZSi9DfDBmMzA0YzE5M2EwNGIzNjhiZDQ1M2YzZmU5MWRlYjc2ZjE5MjI5MzNiYTJkZDVhNmYyOTc2NmM0Njc2OWMzYTQ5NWU3YTMwNTUzN2FmYzdkZWQ3Y2U2NTYwMzYxZDUzYzY5MzI0YWFkNGVmMjA5NGYyNGFhZjRhMDg2YzI5Mzg2NzkxNDY0YmY0NTNlZWE5YmM3YjVjNTlkYzMxN2RiNmUxNTQwZDQ3OGQ2MGFkNTVjNzdiYzIxZWM3ZGRmMzU2OTIxOTVjOTFhMWMxMzM4OTdkZGRkYzIwNDc5ZTJjNWIyNGQxMjA3M2RjNjdlMjhjZGU2MzA0YzQxOGNmMTg1YTUxNTZkZTE2YzRiZDA1ODcyMzk0YzEyYzQ3MTQ1NTUzNzRhYWFmM2Y1YmEwODI1MjIxYjg2OTNkMjE2MDVlZjYxOTg1YzdiYjE4Nzc5NzY3NjhiNTBlNGE0OTVmYTY2NzM1ZTA0MWRhZDNjNzNiNDkxNzg4N2YxMjIyYzlkMWJlZDNkOWYxNGJjZjVhNTQ2NGNlYzljY2RjYjA0MjhkMjE5NTJlYTNlZmMwZGI1MTNlYjU2ZjczYjM4YmZmNWEzODMwNzZiYzI2ODVkNGYxNzhhY2FiYjUxOTRkMmZmOTk2ZGNiNjk4ZTZkMTY2NTA1ZDU3NWJiZmNjOGE3YzNmNGRmfDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C8&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=ovvutlaspohrfplx&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d2cb856c9752f03319646d7ad5b02a40b10f0ef3fbb138a22514a9836cc3400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
89
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		90 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBwY0sySFFuNlozVmhVVFhqWUtCa2ZvaXJoMmxFVjJqVTBxNW1DRnJzVkViaXUzZDVyNW9EU1FNZG84Z2cyWmFxYk1QTmtZUlFjMGNNUnF2U2Z4RXl2Z2hVdkxiRjhGaXVGdXR6T1FKT2czalFJeW5RWlVxZ1pJZy9WVmFlU2N6ZUlkeXRuTnBpK2NIQWw3SzZzbzFrUlZ4eHYrQ281enBxd0prTGt3TUtvQmY5anRNZWxoWHRSUzFwZW1UZkorQWl5ZytnUURHTEF6N3VZcFZpYitHdjdWbEI4cHFvSUI1KzFkMThxeXRaRmVmcFZ2VHQzcTlxWkpFQlAwS0ptVjY3MVM5UldOb1A1NjV0QzJSajhZcEpMTE9LZVF1RGpmMnFCbnhod1ovMmdlNDdLd1M4MnovMDU5NktMU3pBWFR0d05obk8xZTcyaGJBUnNnM0Zsb1BlSTJ1d3o1ZUpkakFMdElGRXErTU92MUlLSDYrcnJ0SXJvWVVzQTBtUC9OS29UVVRnMGEzbGx2aDVhQVBXOVdlc01lS2c5TUY5UWluZGNoSkxETWlTaU1sWXoxcm10MmdTS2w5Q3dlbC9iSytQcTJ3VFpXS2xZa0U5NGh6RTMzK3VrcXNwcU9sOEtUL2VNZUF3dW4vYUpjVnc5ZGZ0VnFGckdFUmsydVFDQUJVUmdNR0ZqZUpycWNzQ1ZCdllpZDd3MlEwZXBtWDIvWXRtWXZSWlYrdTJCNWhmWjhTUm5HMUdUQVQ0VVBQSll4NnpUQ3FOaXVsUDFsM2xLalZCTFN3RWIxYm96cXJOQU5DY3VCNDI3Q21vZDRlcllZZXRSamZIRSt4OERwR0FUSm1JREFpOE9OMjZTckFDV21mWUVSbzlFK3kySFhNcmwzUWlJbVUyeHdvK2FNb2pCVkVaMG82ekVTRFdQT3JoeVAxbnU2aUFieDRHVkQ5c1lvT3VnRGxKN1ZwYUczMUF2dnZiN0kvRDUrTHNudFBMdXoyMmNmYXhiYUNiK3lhbzZoNDg2VU15Zk9ZRDBUdTN3TnB0N2pqcWUvQXYxUjNySVdoeWJyODBzTCs3SExKdEN1QUdNRVB1aWh2ZjN0YUQ5M25sQVBINEFGOVV6cTVnODhaV2lRdHpnMDVCS3hvZmwwd2ZGaTJReDRCN0lld0RZcGI4N0FTa3pxdThlWkNZZ3paSXRsVG8yU2NBUFd0YUw2akJFd0hSRXpZdmxkZW1iTUpURWNZYjUycFVYRHlZaHU5d014d0ltWjd5KzljPXwzODUxNjY4Y2E2NmEyOGZhM2ZhYjg0YWZkNTYzZjA2OThhMjI5YTU2ODI3ZTE4NTNmOWZlZjQ2ZTdkNjNiYjhkMjgwNDBjMmZmYzA1MzljZjlkM2IzMDczYTFlOTY2MWZiYjIzMjNhOWZlNjNkMTExNjUzZjUyYjY0ODAzMDM4YjYxYzRjMDc5YjRkMmM5YWRhZDNlNmJmYjU4YTNjMzQxODlkZDRmZDhjMTZiODY4MThlODI3NjZkMjJlNTkwNzFkNjRhZjFiNDI1YTcxOTYxZGQyZjEwMWQwZmY0YTQ1ZGEyZDIzNDAzNjU5MWJjOTRkMzI2MzRlYjFjOGE3Y2Y1OThjNDFlYWRjNDViYjJhYTMxMGRkOTIxNjQwMTI4NjI4ZmMxNmYyODE3NTgzMWQ4YTQ3Mjk4NTk2YmI2NTkwOTdhZWVlMzhiZWQwMzQ1YmU2YTkxY2YxOGE1MDlmMWQzMWZlYzMwNGM0NDI1ZjEwYjQ5Y2QyM2U3MjMwMTkxYTQyNjU3NmIzYjg1Y2JkNjdhZDJlODgzNDA4ZTg0ZjI4ZWY5NzdkMWUzNDhmZjAyMWU2YTc0MzYwNjY2YzJmM2UzNmFiOWEyZDMyYmEzOTM0Y2YyMmI3NTM4YzA2MWRhOGM1YTQ2ZDZlY2M2NGRjOGUxNjI0MGI5ZTg4NjgwMDExZHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=kaguiyvkqdbhvcmc&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/glu.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43d3312eb1cb8fabb9fca220160bdfb5cf3975c1c7eea857c3d389c32ae79a77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
90
X-XSS-Protection
1; mode=block
Expires
-1
/
connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secur... Frame 672A 		69 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769386464
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95b9a7dbe03d6281b79ff261146c571320caca447da5f4b40b3fdfcce1606d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
28982
Content-Type
text/html
Date
Thu, 02 Feb 2023 02:29:58 GMT
Expires
-1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Accept-Encoding
X-Akamai-Transformed
9 37295 0 pmb=mTOE,1
X-XSS-Protection
1; mode=block
max-age
0
elegant.html
connect.secure.wellsfargo.com/AIDO/ Frame D465 		76 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769942938
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a83d2b686ea1d2c68883d790fefb6d9be6d95e69ac9c254c64cc4432d655cdb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
32138
Content-Type
text/html
Date
Thu, 02 Feb 2023 02:29:58 GMT
Expires
-1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Accept-Encoding
X-Akamai-Transformed
9 41339 0 pmb=mTOE,1
X-XSS-Protection
1; mode=block
max-age
0
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 6162 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:57 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vyHb
connect.secure.wellsfargo.com/AIDO/ 		90 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBXcFhqUmVlWXNXLzlzSWpUOEJOOExXNWNxRXRXNXFQTDRuSi9ValoybVJlVjMrL1pkbG9qa1FOVnVuTHhkYkwwUUcwOXBhMjYvTzVHb1JTWWRlUjFCbS8wbzRudGEzWjZwVjZQUmNiRzFGZlpyR0h1WlZ5UGZjai9kei9iZmRtcGZ2OGhMRlA4MzkvUWpWOStydER1c013VEJaZmpJTkYxd1dKRFhEY3h2WlZUZXJabkV0bC9iaS9OeWdTaDRTSTcxc25wSGQwQjZWajBGWHZBZVlYaUQrUmNsOXpSVG0zOXZoenpJZnpxK0dpUjJxVnRKZTZUVU54TDhwSVdGdms4UGV4YXozMGUrNkM0M1NZPXw4NTZhZWZmNDU0ZGI3Mjg4MTE4MzVhZmU5ODM5NjcyOTY5Zjc1N2YzYThhNGVlODYzM2I0NzM0MzAzODgxOGRiZWQ1NDMzYzg3ZGM1ZWFhZjUxZDZiNzY1MzlhMWFjYjE1NWU3M2M2NzdmZjcwZTIzYWRiNjIyODkyNGRhZWZkNjAwNGU2NmNlOWQ1NDZlZjBiYzBhMmI1NjY0YTM3NmRkMGRlZGExOGI3MTU0ZWZjMzg0ZDc5MmFmMDEyM2Q5Y2I5YjE0NGJiOGM2MDBmYjQ4NzE1NDk0ODJlYzhiOWY1MjY0MWQ5ODNhYjRhZWFkYzUwOTllOTdmMGQxZGRjODc0OWNhNmI3NzEyNzlkNGUxYTUwYTVhNmE4NzlkZDE3OWI2ZWIzMzFhYzBiNjc4N2EzNWFiYjJmODk0ODBlY2EzMGQ1YTg0OWVhZjdmNDBhZGVhNGQzZWIxMTlhM2JlOTYxZmYwNjYwNzc0ZGUzNzk4MTRiZTVhN2JiZjc3MDczNzk3NzBkZGFhMzNlMGY1NTk2MWJkYTU2N2QzOGU1NTdmMzliM2MyNjNiYjAxYWNiMGIxMTg2YzFhY2Y1NzQxYTUyMDQzZDIzY2YzZGFkZDdjNDA2NDBkMWQ3ZDY4ZWEyODYwZDA2NDIzYTAwODkzZWZhZGFhZTY4OTk0ZmI3MDBjNXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C20&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=bnw_xttmeqovkkfm&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36006a31520d5da6d413797bb33998290360e3838b7f37a4f2ee5d29552d1a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Thu, 02 Feb 2023 02:29:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
90
X-XSS-Protection
1; mode=block
Expires
-1
onsiteData.json
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/ 		26 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.65.230 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67de32b64d12842252ed6f84bf84f82ec594e0c90d9a7fcacef1ff32f06778fe
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
Opbxz_xndE31tgAdXrS7zLsEpNCLZ9SJ
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 02 Feb 2023 02:29:57 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
ZVR7KG1BQXVFM2TS
age
2361239
x-cache
HIT, HIT
content-length
1742
x-amz-id-2
K9E6Lyn+5zYa02+BxUqOd1Ieh5RKsSyELv7lzKovxEeIMRmFJhuRKBOapqg1hA2HtHbXLhUapfU=
x-served-by
cache-pao17458-PAO, cache-hhn-etou8220097-HHN
last-modified
Thu, 05 Jan 2023 18:35:58 GMT
server
AmazonS3
x-timer
S1675304998.841817,VS0,VE0
etag
"2e8716b6038e3c354a2da4f630551d90"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
188720, 6
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-green-fb6k
date
Thu, 02 Feb 2023 02:29:57 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
http://bgitopazdowntown.ddireal.vn
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
59
x-application-context
application:9090
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-green-wk2j
date
Thu, 02 Feb 2023 02:29:57 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
http://bgitopazdowntown.ddireal.vn
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
59
x-application-context
application:9090
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 672A 		182 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769386464
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769386464
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 05 Dec 2022 18:21:50 GMT
ETag
"c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
72934
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 672A 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769386464
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame D465 		182 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769942938
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769942938
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 05 Dec 2022 18:21:50 GMT
ETag
"c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
72934
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame D465 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769942938
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
farmbook.html
connect.secure.wellsfargo.com/AIDO/ Frame 8448 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/farmbook.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
151d7074a3e9c4b7edc543d08bc2123ce20040f038e318b2a011e8d1f68a6087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8564
Content-Type
text/html
Date
Thu, 02 Feb 2023 02:29:59 GMT
Expires
Thu, 02 Feb 2023 03:29:59 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Accept-Encoding
X-Akamai-Transformed
9 10805 0 pmb=mTOE,1
X-XSS-Protection
1; mode=block
max-age
0
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 672A 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769386464
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame D465 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769942938
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 8448 		182 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/farmbook.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.secure.wellsfargo.com/AIDO/farmbook.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:29:59 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 05 Dec 2022 18:21:50 GMT
ETag
"c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
72934
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 8448 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/farmbook.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 672A 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769386464
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame D465 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499769942938
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 8448 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/farmbook.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:29:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vDRE
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame 8448 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.42 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/farmbook.html?sui=4266a24a4aa08991d4e98aa046bc5616a873638304df65177c1efe2ae17a0fb6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Feb 2023 02:30:00 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/idl?pid=1317

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontentvisibilityautostatechange string| nsbmizjcc string| NDS_LISTEN_FOCUS string| NDS_LISTEN_TOUCH string| NDS_LISTEN_KEYBOARD string| NDS_LISTEN_DEVICE_MOTION_SENSORS string| NDS_LISTEN_MOUSE string| NDS_LISTEN_FORM string| NDS_LISTEN_ALL string| NDS_LISTEN_NONE string| nstdm function| nsdiedygrd string| nstdmkkcf string| nshmfriqu string| nsbmizjc string| nstdmk string| nsgfuu string| nsgfuutnz function| nstdmkk string| nsqqwuggnc string| nsgfuutnzi string| nsqqwu function| nsqqwuggn string| nshmfriqud string| nshmf function| nsqqw function| nsfxs object| nsvbi function| nsmtsnzhyy function| nsxgbiyfr function| ndoIsKeyIncluded function| ndoIsModifierKey function| ndoIsNavigationKey function| ndoIsEditingKey object| KEYBOARD_LOCATION object| KEY_TYPE_AND_LOCATION function| nsfxsnfs function| ndoGetKeyboardLocation function| nsqvdj function| ndoGetKeyTypeAndLocationIndicator function| ndoGetObjectKeys function| nslmdztmt boolean| nsdiedy string| ndjsStaticVersion function| nsueskvpd object| nsdomvark function| getEnabledEvents object| nsdiedygr boolean| nstdmkkcfc number| nsdiedyg function| nslmdztmtc function| nsmtsnzh number| nstdmkkc object| nsqqwugg object| nsbmiz function| validateSessionIdCookie object| nshmfriq object| nsdomvarkr object| nsbmizj function| ndwti function| nsqvdjz object| nsvbiooc function| nsfxsn boolean| nsbmizjccx string| nsvbioo function| nsmts object| nsgfuut object| nshmfri object| nds object| nsvbio number| numQueries object| returned string| version function| nschvbg function| nsfxsnf string| ndsWidgetVersion undefined| nsdom string| nsdomv function| nszqyma string| nsdied string| nsqqwug string| nsvbioocap string| nsdie string| nsbmi object| nsdomva function| nslmd object| nsgfu function| nsdomvar function| nsvbiooca function| nshmfr function| nsues function| nsueskvpdo function| nslmdzt function| nsxgbi function| nsqvd function| nschvbgtnu function| nsxgbiyfrc function| nsmtsn function| nsqvdjzrw function| nsmtsnzhy function| nsueskvp function| nslmdztm function| nszqymalc function| nsuesk function| nsueskv function| nsfxsnfsrd function| ndwts function| attachEventListener function| nsqvdjzr function| nschv function| nsqvdjzrwb function| nszqymal function| HashUtil function| nszqym object| nsgfuutn function| nsmtsnz function| nsfxsnfsr function| nslmdz function| nschvb object| ndsapi object| antiClickjack number| adrum-start-time object| adrum-config function| GooglemKTybQhCsO function| google_trackConversion object| ___sc124934 object| ___so124934 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt object| currentTime boolean| isReact object| mwfGlobals object| utag_data object| ____0.569561625691986 string| randomKey object| ____0.7573538622189888 string| internal_IP string| GTAG_TYPE object| GTAG_CONFIG object| results object| YAHOO object| dotq object| webpackJsonp boolean| utag_condload string| new_path object| utag_cfg_ovrd object| userAgentArr object| utag function| isNotUndefinedOrNull function| getDocumentTitleLabel function| sendDataToGA boolean| __tealium_twc_switch function| utag_pad function| utag_visitor_id object| KAMPYLE_EMBED function| grip string| MDIGITAL_ON_PREM_PREFIX object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata function| medalliaSurveyLink

8 Cookies

Domain/Path Name / Value
bgitopazdowntown.ddireal.vn/ Name: PHPSESSID
Value: 324q19rusrnl7vorerpjarn1un
.wellsfargo.com/ Name: ndcd
Value: wc1.1.w-729460.1.2.2nF59nt_mp9IJXMliVEEGA%252C%252C.Bj3wezJvsPQMDkJgDWr482WwF-OZAQKT5q4qG2kaa9cYJiL4vRFQZeC0RS0fSNDcjwsnp0iqtFhsoeqouNo61ELfUni6UKYejNUSmGlW2AttAhfjZbXz7t5TDw90GPZ7J5eTBLA2ciDE7Gf2jcDxzq_OobPDp9m_9NatVAqAaPoV8GCpZSlzPbwy8-nQ_v9W
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
bgitopazdowntown.ddireal.vn/ Name: mdLogger
Value: false
bgitopazdowntown.ddireal.vn/ Name: kampyle_userid
Value: 2919-94d3-11a1-152c-34ba-1d07-e952-e86e
bgitopazdowntown.ddireal.vn/ Name: kampyleUserSession
Value: 1675304997855
bgitopazdowntown.ddireal.vn/ Name: kampyleUserSessionsCount
Value: 1
bgitopazdowntown.ddireal.vn/ Name: kampyleSessionPageCounter
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIB30aSBAQAAaON8e0THKEG-EABBQKIADdpWWv5DyTHstHopwQkaHgNyXtDA&X-G2Q3kxs3--z=q
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f&session=89ed6da633baf9b1dc4fb8dae8f49e4f89ed6da633baf9b1dc4fb8dae8f49e4f
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/idl?pid=1317' from origin 'http://bgitopazdowntown.ddireal.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/idl?pid=1317
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
api.rlcdn.com
awusw-wfr.advanced-web-analytics.com
bgitopazdowntown.ddireal.vn
connect.secure.wellsfargo.com
resources.digital-cloud-prem.medallia.com
static.wellsfargo.com
udc-neb.kampyle.com
www10.wellsfargomedia.com
www15.wellsfargomedia.com
api.rlcdn.com
104.76.144.209
104.76.155.103
104.83.4.32
104.83.4.42
116.118.50.194
13.224.103.128
142.250.180.230
151.101.65.230
2a00:1450:400d:808::2002
35.241.45.82
00fb0d4cdf817e417a1debd18edda41c97d9dbb75bb9778ff001c1b727795154
052776ce5bb96d76cced9b9d9d5cc8ab2110e33eaba59f6cd3259642a83ff4d4
05413f45f5993fb5a248861440bb0ef62b51aabeb798c6bc82a33f3e8659b866
151d7074a3e9c4b7edc543d08bc2123ce20040f038e318b2a011e8d1f68a6087
18abcbfd674a00d68a13975ada85e901f4ee842ad94c06eef35ef13e071e19c8
20b90132f5e2d51fe8edeaff395c1f75127775d81cf65b33a863eb2ed95edf51
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
236fff12965c5b5b0d7bb2936078c951669c6f9227b8a74d39dbdbc98545904b
26fbfe958bfab19d28484b3b379e912c26deb4373a95ab634138817b1cc8fd4e
28c7a1b0b0cfc11cbada099c30a82676e1ccad9b3120b17efdd3d426b4a9ce94
34cfd621f312275ea25a51ea65b3b53809de7b2a9cf93a53b71a88804f0d894f
34d6af1ed862f62ede259dedabcadba6446c1e9182cd70b19c66cb3acedae93d
36006a31520d5da6d413797bb33998290360e3838b7f37a4f2ee5d29552d1a20
3636799d3181248d5db968a7851b9aa972ea77f64b3cba9ce6b0a8933106c0c2
37e2ca5b89df006a42ecf0d523ab9a5df6ed27ae4139a53ffc372dbeb0876b95
3800820bbccbdc7e2ed0ebb7ba2540ec046676b403c3a8894f41da658d6e00a5
384f41d37d3a9be1a72e761589096fcce4119150ea81ead29ba758514d321e94
43091c732a9e1f1b0e59c674512e6b66265eec2beff0e764396f1e08e1941eec
43d3312eb1cb8fabb9fca220160bdfb5cf3975c1c7eea857c3d389c32ae79a77
5e68ea9ca9cce32f91979f88142e963f0ff950cc1f1b6c3246eaaaf2f3091c58
60d47dd37dff7fa5a9353b251f9d54bbbfc2d9564003d347a85075d046ecee7c
61a097bc2513efb34dee32ba60be8df34a5e2d3f9f833065c47fe18b89907662
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
6478879db9ed10ac3e8ada3fbd66208b544cced5c08040333ac2334c8aa8b48c
67de32b64d12842252ed6f84bf84f82ec594e0c90d9a7fcacef1ff32f06778fe
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
6d2cb856c9752f03319646d7ad5b02a40b10f0ef3fbb138a22514a9836cc3400
7da443f39799d3ff07e43890054b7888b5f3c2d91b68b9e23a4cc4fa5e037701
7ef2eda58c8580e102bdfe3795e2c13129255f412aee9abfe19562e5bf959ec5
85f39a9e87ea01745f1ac1475b364af858780a16798712130d27ef5741ad4431
8b1a0678af2f7346a118ac4ce78421bb4028ccbb91a9d4bca3488da1738a662e
8c1408af268dd0f50496137e75c1127cde1fd8d696ea5f4bb6ed93feb6a59df3
9184b3835b9cda7302210700cdc5050c5c207682d69c3fbe9e78356cffb65391
91e4378e57724619356caa4ca5a9af2c2c668b503f7b2113b1a8eaee7254db2a
95b9a7dbe03d6281b79ff261146c571320caca447da5f4b40b3fdfcce1606d05
988ce210a0f58c104e2c122eb42338ddd85ff2e33b9b0ffe3af2d7df9e2b00ad
9c4cf53fef9222fc5d6659fa4b776fe20d64c46886c3d96547aaae16134afb2a
a6e52e46f30c7dc4e41a706d9008c258593f367fd4dd7df1bfcca090444aba01
a830d0edb2a0425d62b04c2f2833ad08a47735bc655cab5b29b27d3b522639fb
a83d2b686ea1d2c68883d790fefb6d9be6d95e69ac9c254c64cc4432d655cdb4
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c7f6fecd28e86320a8d43335184efd3f1360beaefc6b7f9738abeaf3045ab5
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
bd320a1a5b4aa6e2026cb92ddd25306bbb52efcb74837ad3e9958fec2643a5c5
c567736fbf5b10d4933ff5632a372890f0cd43804f0e17ec9d5c8b1c9b8a14ee
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
d05c6eece255484babbedeb74b3a5b19daaa9763049e08362b82cfdf1fc8bfbe
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
db27897282a9c24bf21eeb7cebabf3cc9feec5d7d7676498f7809e632a1a6502
db341d5481f4f4821d615925d8832d4670c0be64ec82a973bbbb692b8ae1b97f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4215a4282e51c566934c7b8f4a910da16a539c29292d69e536ff06ddbddde9
f6d94388f08f73ea73adbfa84c4ec5bff48ba7130e76c71479fcbf832c302d7c
f90598e6dd9e9b38ce71662badd8516ee1f6633e8b472e10824e60f441594b17
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
fe5a6f8b61d3b055e92d347163a4715675351eaa6393364341e823d66406b861
fea85638d902b7d705d72aa9776531c035371a16774f0e52be50c0638c6eb110