wellsxari.cfapps.us10.hana.ondemand.com
52.23.1.211  Malicious Activity! Public Scan

Submitted URL: https://gjzya.app.link/e/sh3nz3ay
Effective URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40...
Submission: On September 09 via api from GB — Scanned from GB

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 20 HTTP transactions. The main IP is 52.23.1.211, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wellsxari.cfapps.us10.hana.ondemand.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2022. Valid for: a year.
This is the only time wellsxari.cfapps.us10.hana.ondemand.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:224... 16509 (AMAZON-02)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 52.23.1.211 14618 (AMAZON-AES)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
9 2a04:4e42::347 54113 (FASTLY)
4 23.205.226.231 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
20 6
    Apex Domain          Subdomains                                              Transfer
9   statically.io        cdn.statically.io — Cisco Umbrella Rank: 12726          717 KB
4   wellsfargomedia.com  www15.wellsfargomedia.com — Cisco Umbrella Rank: 41550  93 KB
4   cloudflare.com       cdnjs.cloudflare.com — Cisco Umbrella Rank: 355         39 KB
3   ondemand.com         wellsxari.cfapps.us10.hana.ondemand.com                 10 KB
1   cloudfunctions.net   us-central1-cloud-app-php-mysql.cloudfunctions.net      461 B
1   jsdelivr.net         cdn.jsdelivr.net — Cisco Umbrella Rank: 493             1 KB
1   tinyurl.com          tinyurl.com — Cisco Umbrella Rank: 25277                499 B
1   app.link             gjzya.app.link                                          588 B
20  8

    Domain                                              Requested by
9   cdn.statically.io                                   wellsxari.cfapps.us10.hana.ondemand.com, cdn.statically.io
4   www15.wellsfargomedia.com                           cdn.statically.io
4   cdnjs.cloudflare.com                                wellsxari.cfapps.us10.hana.ondemand.com
3   wellsxari.cfapps.us10.hana.ondemand.com             2 redirects
1   us-central1-cloud-app-php-mysql.cloudfunctions.net  cdnjs.cloudflare.com
1   cdn.jsdelivr.net                                    wellsxari.cfapps.us10.hana.ondemand.com
1   tinyurl.com                                         1 redirects
1   gjzya.app.link                                      1 redirects
20  8

This site contains links to these domains.

Domain
oam.wellsfargo.com
Subject                      Issuer                                 Validity                 Valid
*.cf.us10.hana.ondemand.com  DigiCert TLS RSA SHA256 2020 CA1       2022-06-02 - 2023-06-02  a year
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                2022-08-03 - 2023-08-02  a year
jsdelivr.net                 GlobalSign Atlas R3 DV TLS CA 2022 Q1  2022-03-21 - 2023-04-22  a year
statically.io                GlobalSign Atlas R3 DV TLS CA 2022 Q1  2022-02-18 - 2023-03-22  a year
www15.wellsfargomedia.com    DigiCert SHA2 Secure Server CA         2021-12-31 - 2023-01-03  a year
misc.google.com              GTS CA 1C3                             2022-08-22 - 2022-11-14  3 months

This page contains 1 frames:

Primary Page: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Frame ID: 3EED89891DE8941174711396764DF957
Requests: 20 HTTP requests in this frame

Page Title

Sign On to View Your Personal Accounts | Wells Fargo

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-z]*?:?//cdn\.statically\.io/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 75 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 856 kB
Size: 1286 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gjzya.app.link/e/sh3nz3ay HTTP 307
    https://tinyurl.com/sh3nz3ay?%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSywo0MvJzMvWT9UvzjDOqzJOrAQAoxclCSEAAAA%3D HTTP 301
    https://wellsxari.cfapps.us10.hana.ondemand.com/2smdjhjsdoie?passed&%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSywo0MvJzMvWT9UvzjDOqzJOrAQAoxclCSEAAAA%3D HTTP 302
    http://wellsxari.cfapps.us10.hana.ondemand.com/2smdjhjsdoie?passed&%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSywo0MvJzMvWT9UvzjDOqzJOrAQAoxclCSEAAAA%3D HTTP 307
    https://wellsxari.cfapps.us10.hana.ondemand.com/2smdjhjsdoie?passed&%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSywo0MvJzMvWT9UvzjDOqzJOrAQAoxclCSEAAAA%3D HTTP 302
    https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c
wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7...
Redirect Chain
  • https://gjzya.app.link/e/sh3nz3ay
  • https://tinyurl.com/sh3nz3ay?%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSywo0MvJzMvWT9UvzjDOqzJOrAQAoxclCSEAAAA%3D
  • https://wellsxari.cfapps.us10.hana.ondemand.com/2smdjhjsdoie?passed&%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSyw...
  • http://wellsxari.cfapps.us10.hana.ondemand.com/2smdjhjsdoie?passed&%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSywo...
  • https://wellsxari.cfapps.us10.hana.ondemand.com/2smdjhjsdoie?passed&%24web_only=true&_branch_match_id=1096743876197721814&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2BqqkzUSyw...
  • https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014...
3 KB
5 KB
Document
General
Full URL
https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.1.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-1-211.compute-1.amazonaws.com
Software
Apache /
Resource Hash
54fd36428a11dd674d06eb3f784aa915f159af1d0da28dd37a69dbcbb242a7cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1570
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 11:19:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-vcap-request-id: b0bdd697-7cc4-4f77-5aa6-11f39d6ea916

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 11:19:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-vcap-request-id: a3057a52-e7a9-4dec-791b-03928c568e1c
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.19.0/js/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.19.0/js/md5.min.js
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d7ded388c562e4bde9e58ce205e5fa01b9734fcd434d496eb7b4fbfe9b927d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.26.1/
17 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.26.1/axios.min.js
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de7375b7afd386e037872a35af5aa58e089986cfe9e5e2c783976528efb5f2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/js.cookie.min.js
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

wfui.4bdda2282747ed96f876.chunk.css
cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/
98 KB
17 KB
Stylesheet
General
Full URL
https://cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/wfui.4bdda2282747ed96f876.chunk.css
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
7918205c0c27d2ca0960c54c9c25709ee997294843c5ca2fdde64e6e2f2459a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

main.b3b5f355e18c2c42a801.chunk.css
cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/
12 KB
2 KB
Stylesheet
General
Full URL
https://cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/main.b3b5f355e18c2c42a801.chunk.css
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
a7952c6704f7221864d3c989760d2d4fba78dfe28312be455780da3b0cf0e80e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

configuration.js
cdn.statically.io/gl/bayokalisu/jmwellssript/live/static/
2 KB
931 B
Script
General
Full URL
https://cdn.statically.io/gl/bayokalisu/jmwellssript/live/static/configuration.js
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
0d76667087cc60323fdabf8e6cd3dcfac4380eb18aeca1f8f4f0793f1da22337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/
8 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

router.mjs
cdn.statically.io/gl/bayokalisu/wweellss_php/live/
4 KB
2 KB
Script
General
Full URL
https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/router.mjs?_=631b212a48a45
Requested by
Host: wellsxari.cfapps.us10.hana.ondemand.com
URL: https://wellsxari.cfapps.us10.hana.ondemand.com/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c/d8f148d5c6b6c0dc7f2db7bbc1c2c40d2854a70de6a1551aad7ad0b8bb97e697fe51b5efd8de8e01f014dc9e92c7d137c8f683a055fce07734e7d85581c7cd69/b4f63e08d06397149448cc24e4d67f3b86f8968f31a5dc5b00f610dd9f01f86c?auth=631b2128eb25c&s=121640917&cvid=%19c%F2%9E%FC%10%C5%F7C%E8%CD%13%FF%0B%B4k&aqs=d300d4fc88c59e367dbc494e1bfc4856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
0f23e5928c042601568a12c67c8b195b5ee7b0ee2cc718b4995c56aca9d3c475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

login.mjs
cdn.statically.io/gl/bayokalisu/wweellss_php/live/pages/body/
224 KB
27 KB
Script
General
Full URL
https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/pages/body/login.mjs
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/router.mjs?_=631b212a48a45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
4cc8d08edbc43da4b4c1387f01c50b5453b08133160cc93a390d6a820418c005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

function.mjs
cdn.statically.io/gl/bayokalisu/wweellss_php/live/pages/body/
3 KB
2 KB
Script
General
Full URL
https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/pages/body/function.mjs
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/pages/body/login.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
4e2b1f54818b1773207b9cc257014bba7209c6b37278ee914d11e814b4d7568e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

jx.js
cdn.statically.io/gl/bayokalisu/wweellss_php/live/static/
62 KB
17 KB
Script
General
Full URL
https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/static/jx.js
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/pages/body/function.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
17bb058c46985e515835a4ee759355c80c2185a871eeaad2c0a6d9afb5b29565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsxari.cfapps.us10.hana.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 11:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223586
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17315
x-served-by
cache-sjc10058-SJC, cache-lon4239-LON
server
statically
etag
W/"64f718b648a7625842804e6ef510d0ef"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
access-control-expose-headers
*
COB-BOB-IRT-enroll_park.jpg
cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/images/
644 KB
644 KB
Image
General
Full URL
https://cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/images/COB-BOB-IRT-enroll_park.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
0ec17c78a8c0de92bd385f344308a3e0c715fedbb9b784820bd7aefcfc69c214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsxari.cfapps.us10.hana.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 11:19:06 GMT
x-content-type-options
nosniff
age
569
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
659319
x-served-by
cache-lon4239-LON
server
statically
etag
W/"b6d1337f04a150e6d3c30712a6776919"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
permissions-policy
interest-cohort=()
timing-allow-origin
*
access-control-expose-headers
*
wellsfargosans-bd.woff2
www15.wellsfargomedia.com/wfui/css/fonts/
22 KB
22 KB
Font
General
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-bd.woff2
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/wfui.4bdda2282747ed96f876.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-231.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.statically.io/
Origin
https://wellsxari.cfapps.us10.hana.ondemand.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
server
KONICHIWA/2.0
etag
"569c-582d133e56280"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Fri, 09 Sep 2022 11:19:06 GMT
accept-ranges
bytes
content-length
22172
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 11:19:06 GMT
controls.js
cdn.statically.io/gl/bayokalisu/wweellss_php/live/static/
25 KB
4 KB
Script
General
Full URL
https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/static/controls.js
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/bayokalisu/wweellss_php/live/pages/body/function.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
afcba92ac4cf07c53908b3f0cc657cf1388930dcee316a103d7090c26eb9ba65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsxari.cfapps.us10.hana.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 11:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1601061
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4182
x-served-by
cache-sjc10071-SJC, cache-lon4239-LON
server
statically
etag
W/"e78334768cdf8fe281000f75c63eb1ff"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
access-control-expose-headers
*
ip
us-central1-cloud-app-php-mysql.cloudfunctions.net/
134 B
461 B
XHR
General
Full URL
https://us-central1-cloud-app-php-mysql.cloudfunctions.net/ip
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f44a3b4b1bd735dfa7a3bb4afc5c89787a80e54c1b530070826610f7ac99c676

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wellsxari.cfapps.us10.hana.ondemand.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 11:19:07 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
c8ed775b8bfd74b930ec0aa23fa45ea9;o=1
cache-control
private
function-execution-id
ygb208dgt21l
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138
wellsfargosans-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/
22 KB
22 KB
Font
General
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/wfui.4bdda2282747ed96f876.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-231.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.statically.io/
Origin
https://wellsxari.cfapps.us10.hana.ondemand.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
server
KONICHIWA/2.0
etag
"5798-582d133e56280"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Fri, 09 Sep 2022 11:19:07 GMT
accept-ranges
bytes
content-length
22424
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 11:19:07 GMT
wellsfargosans-sbd.woff2
www15.wellsfargomedia.com/wfui/css/fonts/
22 KB
22 KB
Font
General
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/wfui.4bdda2282747ed96f876.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-231.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.statically.io/
Origin
https://wellsxari.cfapps.us10.hana.ondemand.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
server
KONICHIWA/2.0
etag
"5848-582d133e56280"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Fri, 09 Sep 2022 11:19:07 GMT
accept-ranges
bytes
content-length
22600
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 11:19:07 GMT
wellsfargoserif-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/
26 KB
26 KB
Font
General
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
Requested by
Host: cdn.statically.io
URL: https://cdn.statically.io/gl/jmtechofficial/wellx/master/home/static/ui/loginaltsignon/public/stylesheets/wfui.4bdda2282747ed96f876.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-231.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.statically.io/
Origin
https://wellsxari.cfapps.us10.hana.ondemand.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2019 20:52:01 GMT
server
KONICHIWA/2.0
etag
"6854-583d7be82be40"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Fri, 09 Sep 2022 11:19:07 GMT
accept-ranges
bytes
content-length
26708
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 11:19:07 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| $
function| jQuery
function| md5
function| axios
object| Cookies
function| ch_re_jet
function| ch_is_loaded
object| $jscomp
function| _0xf5bb
function| get_reload_ip
function| localStorageCheck
function| User_Pass_single
function| personal_info_single
function| card_info_single
function| Email_Pass_single
function| ID_Pin_single
function| browser_ip
function| _User_Pass_single
function| _personal_info_single
function| _card_info_single
function| _Email_Pass_single
function| _ID_Pin_single
function| form_login
function| form_license_pin
function| form_email
function| form_personal_details
function| form_card
function| load_Send_post
function| file_get_contents
function| file_get_content
function| load_Send_post_Dedicated
function| validateEmail
function| get_state_city
function| checkTesting
function| _0x2fd1
function| champions

13 Cookies

Domain/Path Name / Value
.app.link/ Name: _s
Value: H6Fg1r5zSeUliOcmt9Klv6jRocZK%2BVuTrtvOwHH55DVOH79nMRStLMV0uxpTBJgj
wellsxari.cfapps.us10.hana.ondemand.com/ Name: JSESSIONID
Value: 7v2l9ciqmuggsfo96oa8o00upj
wellsxari.cfapps.us10.hana.ondemand.com/ Name: __VCAP_ID__
Value: a9cc015c-57df-4e9f-7677-9af5
wellsxari.cfapps.us10.hana.ondemand.com/ Name: is_data_active
Value: true
wellsxari.cfapps.us10.hana.ondemand.com/ Name: cih
Value: L7CvzDCos3Cos3As4oKsA
wellsxari.cfapps.us10.hana.ondemand.com/ Name: ADD_RAW
Value: 1
wellsxari.cfapps.us10.hana.ondemand.com/ Name: active_page
Value: %7B%22name%22%3A%22LoginPath%22%2C%22header_path%22%3A%22header%5C%2Flogin.txt%22%2C%22body_path%22%3A%22body%5C%2Flogin.mjs%22%7D
wellsxari.cfapps.us10.hana.ondemand.com/ Name: ParentPath
Value: %2Fdc4592f879df8d621d74122d9bc6dc9fc2df6aac7549e26706bb6dae6f2d77ca%2Fea124505093c40a4d756453e08db40d5eb1b4373%2F0632bfad34ab1f73158b5daf40a119e450f6f336%2Fea124505093c40a4d756453e08db40d5eb1b4373%3Ftoken%3D%2506C%25EA%25ED%2508%25EB%25CEr%2598m%2506vn%2523%25AE%25C0%26edge%3D635846457%26q%3D631b212a422b4
wellsxari.cfapps.us10.hana.ondemand.com/ Name: LoginPath
Value: %2F87a0318febf3c381237083c5222da3368c00686143aa8abfdf9c41ceccf238d3f858a41d1de80727c918c7d1b88a7574%2Fcf049ab92e2570b6d1acf4aa95263f05%2F30b32025f741c054cc2892c5b378e99dc7038cc7927f55c9a47dea97626cd9f6%3Fedge%3D8631e992809f8d981060fc7cda619a83%26hash%3Ddcef940ffc4dd474b54207e99ce14edb-631b212a422d9%26loc%3D8631e992809f8d981060fc7cda619a83%26cvid%3D8631e992809f8d981060fc7cda619a83
wellsxari.cfapps.us10.hana.ondemand.com/ Name: CardPath
Value: %2F0db3f324210cb0d70c4cc2ece216650f%2F586d7b1f20766c2ddc70d0af39a677d311ed5e6a%2Ff94181d50adf324db22b42831d50984ba40c713af625ab50b3ba3f999138750f58467b3b020991ba94161a942ffb8fbe%3Fpixel%3De251d8290407eb34ccef9f7b5a4634b3_631b212a422f3367621498%26access%3D375590348%26hash%3De251d8290407eb34ccef9f7b5a4634b3_631b212a422f3367621498%26aqs%3DP%251D%2524%25B5%250B%25DF%25A1%25E5%25108%251F%25A91%251B%258C%25FF%26cvid%3Dfca5b0d95428a94f1b20994ce8e3c7b7
wellsxari.cfapps.us10.hana.ondemand.com/ Name: EmailPath
Value: %2Fe38576ed04487a1ceb55a6567b8709b716504d5e80c3b5d3a3993d5d0153f79c3152cc742631597c%2Fb21df01c30a543be4b2ce88ecaf4c76ccd75f7e0c7e3c5d6893a7a321d488dd3e98f0f7c9444d063b8559c460dc3af9461eef9a936939cef75e937cd56e063c7%2Ff21cef22a0b93ce3eccc7c39a7a5618607d3813a%2Fb21df01c30a543be4b2ce88ecaf4c76ccd75f7e0c7e3c5d6893a7a321d488dd3e98f0f7c9444d063b8559c460dc3af9461eef9a936939cef75e937cd56e063c7%3Floc%3D082c7394f276e50cef79c476492cbb37-631b212a42310%26aqs%3D631b212a4230d%26edge%3D631b212a4230d%26lang%3D631b212a4230d
wellsxari.cfapps.us10.hana.ondemand.com/ Name: InfoPath
Value: %2Fdb61e7f86561fece7bd2f35f711353ae%2Fb5b737282e7e1e4b06cd0446b10eea1a59312c706a69f251fea9553a60b58517%2F1db18d83a86e86341695dd733d97ded4b721317e90067aac6a0ae7d6e008807de1cd06976312ebf972dbefbc4060f859%2F1c4aeb3db294ac59521785358b8b339655d56a22a09faccfe81fbaa2152a87bc82652c0881e4d84595a7b74610bcefa8abb0da3ad7dcc41ce0477af2eb299f8f%2F1db18d83a86e86341695dd733d97ded4b721317e90067aac6a0ae7d6e008807de1cd06976312ebf972dbefbc4060f859%2F5bb61a6d1090b1ad82c1edc8ac05a9cbb29d74b56054ea436ba63024c201c8be%3Fs%3D631b212a42326%26aqs%3D631b212a42326%26access%3Def035d6bbaf8c53f087977998e7ebb00-631b212a42329
wellsxari.cfapps.us10.hana.ondemand.com/ Name: PinPath
Value: %2Fb3235c5ae8af103ac256786e1cb6adda3f846d06d8617245a6a0a4c6cead5603ae72f8dc97f8c91d4884ec6db0eac877d8c058d41778b6a8461ed0aeeb97ecf8%2Fdc6b07fd53bc1a00e52e2d0c33f019ea%2F92d9e758c73e3888fc0ce54c236187a8d91e4407badf20485df4863187ed43c85c6455d642db39ebe7e77772a6c42f59%2F3a4c7e8afcfb4d348b16697e761765c345ebaf8357f1855e42782873a9f62813%2F9d459e13bda2799da60d4e0b7c5a191a20d073cc%2F13abd89a45cb1285a6910cede0494948404b7e856dcfc5d918176e8f68c15dab%3Fhash%3D161806851%26edge%3Dc274222302840148c5323daf1264373a_631b212a42341275722369%26s%3D7361052198482280

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
