replicawebsite.com Open in urlscan Pro
66.235.200.146 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://replicawebsite.com/
Submission: On August 06 via automatic, source openphish (August 6th 2023, 10:24:35 pm UTC) — Scanned from DE

Summary HTTP 80 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 13 domains to perform 80 HTTP transactions. The main IP is 66.235.200.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is replicawebsite.com.

This is the only time replicawebsite.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
34	66.235.200.146 66.235.200.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2.17.100.202 2.17.100.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	23.56.206.223 23.56.206.223	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.254.142.64 34.254.142.64	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2.17.100.179 2.17.100.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.17.100.249 2.17.100.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	54.76.136.163 54.76.136.163	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	35.166.226.75 35.166.226.75	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
80	18

34 66.235.200.146 (United States)

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com

replicawebsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.17.100.202 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-202.deploy.static.akamaitechnologies.com

c1.wfinterface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.56.206.223 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-206-223.deploy.static.akamaitechnologies.com

www17.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.142.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-142-64.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.100.179 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-179.deploy.static.akamaitechnologies.com

static.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.100.249 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-249.deploy.static.akamaitechnologies.com

rubicon.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

2549153.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.136.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-136-163.eu-west-1.compute.amazonaws.com

wellsfargobankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.166.226.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-226-75.us-west-2.compute.amazonaws.com

pdx-col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdnstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	replicawebsite.com replicawebsite.com	611 KB
15	wellsfargomedia.com www17.wellsfargomedia.com — Cisco Umbrella Rank: 21802	151 KB
9	wfinterface.com c1.wfinterface.com — Cisco Umbrella Rank: 17944	407 KB
4	doubleclick.net 2 redirects 2549153.fls.doubleclick.net — Cisco Umbrella Rank: 21325 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 115	3 KB
3	eum-appdynamics.com pdx-col.eum-appdynamics.com — Cisco Umbrella Rank: 3618	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5576 adservice.google.de — Cisco Umbrella Rank: 12052	1 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 121	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55	539 B
3	wellsfargo.com static.wellsfargo.com — Cisco Umbrella Rank: 10756 rubicon.wellsfargo.com — Cisco Umbrella Rank: 10612	33 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 215 wellsfargobankna.demdex.net — Cisco Umbrella Rank: 13928	4 KB
1	cdnstat.net cdnstat.net — Cisco Umbrella Rank: 495328	705 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
0	rlcdn.com Failed api.rlcdn.com Failed
80	13

	Domain	Requested by
34	replicawebsite.com	replicawebsite.com
15	www17.wellsfargomedia.com
9	c1.wfinterface.com	replicawebsite.com c1.wfinterface.com
3	pdx-col.eum-appdynamics.com	replicawebsite.com
3	www.google-analytics.com	replicawebsite.com
2	www.google.de
2	www.google.com	1 redirects
2	2549153.fls.doubleclick.net	1 redirects c1.wfinterface.com
2	static.wellsfargo.com	replicawebsite.com static.wellsfargo.com
2	dpm.demdex.net	replicawebsite.com
1	cdnstat.net	replicawebsite.com
1	adservice.google.de	adservice.google.com
1	stats.g.doubleclick.net	replicawebsite.com
1	adservice.google.com	2549153.fls.doubleclick.net
1	googleads.g.doubleclick.net	1 redirects
1	wellsfargobankna.demdex.net	replicawebsite.com
1	rubicon.wellsfargo.com	replicawebsite.com
1	www.facebook.com
0	api.rlcdn.com Failed	replicawebsite.com
80	19

This site contains links to these domains. Also see Links.

Domain
connect.secure.wellsfargo.com
appointments.wellsfargo.com
confirmcard.wellsfargo.com
web.secure.wellsfargo.com
www.wellsfargo.com
icomplete.wellsfargo.com
oam.wellsfargo.com
learnmore.wf.com
creditcards.wellsfargo.com
stories.wf.com
apps.apple.com
play.google.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.twitter.com
www.sipc.org

Subject Issuer	Validity	Valid
c1.wfinterface.com DigiCert EV RSA CA G2	`2022-10-17` - `2023-10-17`	a year	crt.sh
www17.wellsfargomedia.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
static.wellsfargo.com DigiCert EV RSA CA G2	`2022-10-12` - `2023-10-12`	a year	crt.sh
rubicon.wellsfargo.com Wells Fargo Public Trust Certification Authority 01 G2	`2023-03-03` - `2024-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.eum-appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-14` - `2024-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdnstat.net E1	`2023-07-21` - `2023-10-19`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://replicawebsite.com/
Frame ID: 22702F4522AE57561CCEEC99A8140E28
Requests: 77 HTTP requests in this frame

Frame: http://2549153.fls.doubleclick.net/activityi;dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F
Frame ID: 5284793DBD23F6419ACA3106B0453B80
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F
Frame ID: F322BC0D95EB9931238EBF22D7E2C3B8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F
Frame ID: C3CF77FBC447B249C3EE7BDCC295630E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wells Fargo Bank | Financial Services & Online Banking

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

80
Requests

49 %
HTTPS

44 %
IPv6

13
Domains

19
Subdomains

18
IPs

5
Countries

1212 kB
Transfer

2434 kB
Size

11
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS
Title: Sign On

Search URL Search Domain Scan URL

URL: https://appointments.wellsfargo.com/maa/appointment/topic/
Title: Make an appointment

Search URL Search Domain Scan URL

URL: https://confirmcard.wellsfargo.com/
Title: Confirm credit card

Search URL Search Domain Scan URL

URL: https://web.secure.wellsfargo.com/credit-cards/yourinfo/?lang=en&linkloc=fn
Title: Prequalified credit card offers

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/wf/product/apply?prodCode=CC&language=en&applicationtype=creditcarddirectmail&sub_channel=WEB&vendor_code=WF&linkloc=fn
Title: Respond to mail offer

Search URL Search Domain Scan URL

URL: https://icomplete.wellsfargo.com/oas/status/personal-loans-rate-checker/getting-started/
Title: See my loan options

Search URL Search Domain Scan URL

URL: https://oam.wellsfargo.com/oamo/identity/enrollment
Title: Enroll in Wells Fargo OnlineÂ®Â Use online banking to manage your auto loan

Search URL Search Domain Scan URL

URL: https://learnmore.wf.com/EV/
Title: Learn about electric vehicles

Search URL Search Domain Scan URL

URL: https://appointments.wellsfargo.com/maa/appointment/
Title: Make an appointment

Search URL Search Domain Scan URL

URL: https://oam.wellsfargo.com/oamo/identity/authentication?execution=e1s1/
Title: Enroll

Search URL Search Domain Scan URL

URL: https://oam.wellsfargo.com/oamo/identity/help/passwordhelp/
Title: Forgot username or password?

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/?sub_channel=WEB&vendor_code=IA&lang=en&product_code=CC&SubProduct_Code=MC&placement_id=C_CCD_WWW_MC_NA_ACQ_HPP_STATIC_EN_HTT_DT_BANNER_TK1&offerid=C_ccd_findcreditcardrspvdefault_smlprimary%20&slotid=WF_CON_HP_SML_PRIMARY&linkloc=HP&OfferType=TK1
Title: Find a credit card Learn more

Search URL Search Domain Scan URL

URL: https://stories.wf.com/feature?category=communities
Title: Wells Fargo Stories

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=mobilebrowser
Title: Continue to Sign On

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id311548709?pt=126556&ct=digitalPromo-personal&mt=8
Title: Continue

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.wf.wellsfargomobile&referrer=utm_source%3Dwellsfargo%26utm_campaign%3DdigitalPromo%2Dpersonal
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.twitter.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: Continue

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

http://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP 307
https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0

Request Chain 41

http://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1 HTTP 307
https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

Request Chain 42

http://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153 HTTP 307
https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153

Request Chain 43

http://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569 HTTP 307
https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

Request Chain 46

http://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F HTTP 302
http://2549153.fls.doubleclick.net/activityi;dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F

Request Chain 54

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1691360669278&cv=9&fst=1691360669278&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/984436569/?random=1691360669278&cv=9&fst=1691359200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=2096447133&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/984436569/?random=1691360669278&cv=9&fst=1691359200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=2096447133&resp=GooglemKTybQhCsO&ipr=y

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
replicawebsite.com/ 123 KB
18 KB 226ms
209ms Document
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e0830df8e9e4434ad80c70f677266c654bf2c37ee184867f41c7dc65c5e6160f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: REVALIDATED
CF-RAY: 7f2ab0afec533830-FRA
Cache-Control: max-age=7200
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 06 Aug 2023 22:24:28 GMT
Expires: Mon, 07 Aug 2023 00:24:28 GMT
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
X-Newfold-Cache-Level: 2
X-nginx-cache: WordPress
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H/1.1 200
OK general_alt.js Show response
replicawebsite.com/js/ 8 KB
4 KB 323ms
322ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/general_alt.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: de13e068daab704b3e5018f1deee48d0cefeff400be95f396d6f3ebe829cfbf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3394
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f2ab0b14dcf3830-FRA
Expires: Mon, 07 Aug 2023 04:24:28 GMT

GET
H/1.1 200
OK appdEUMConfig.js Show response
replicawebsite.com/js/ 1 KB
1 KB 183ms
176ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/appdEUMConfig.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 19280d730497626217386797c9445ad51e8867f92603758a58ffba019d88c061

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 770
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f2ab0b149a3912b-FRA
Expires: Mon, 07 Aug 2023 04:24:28 GMT

GET
H/1.1 200
OK homepage_iaoffer.041c8faa44edf732dd5f.js Show response
replicawebsite.com/js/ 51 KB
22 KB 216ms
209ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/homepage_iaoffer.041c8faa44edf732dd5f.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9b47a5e651a8661559cb4935e22d126ba086b21a8cda72ea8598e1c29c273629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:44 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
CF-RAY: 7f2ab0b14f455c38-FRA
Expires: Mon, 07 Aug 2023 04:24:28 GMT

GET
H/1.1 200
OK ps-homepage.b96c0ba7c6b812a5f95f.css
replicawebsite.com/css/ 168 KB
43 KB 30ms
24ms Stylesheet
text/css 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 1697510ee355fbc770e2b6265ce3ca7992fc62275f62b41018dc07f6e5938682

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 45967
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Cache-Control: max-age=2592000
CF-RAY: 7f2ab0b14c149158-FRA
Expires: Tue, 05 Sep 2023 09:38:21 GMT

GET
H/1.1 200
OK wf_logo_220x23.png
replicawebsite.com/images/ 2 KB
3 KB 17ms
17ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/wf_logo_220x23.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 10c1acb80b088029eab596925f58565e025206d10ef1edded0bf055dac884bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 45966
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2503
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f2ab0b37bc4912b-FRA
Expires: Mon, 05 Aug 2024 09:38:22 GMT

GET
H/1.1 200
OK choice-privileges-card-79x50.png
replicawebsite.com/images/ 6 KB
7 KB 18ms
18ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/choice-privileges-card-79x50.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 907c59cb689313a243aca70b3b3f00b64652fe3d26f4e29c20ced42eee329f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 44938
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 6217
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f2ab0b3783e5c32-FRA
Expires: Mon, 05 Aug 2024 09:55:30 GMT

GET
H/1.1 200
OK wfi_ph_b_mv_0723_3954_b_1700x700.jpg
replicawebsite.com/images/ 48 KB
48 KB 35ms
29ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 3176ae9befd81b772a8cf7f0a471e8473e6f76fb1aa3e40321910eab1aeceeba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 44939
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 48858
X-nginx-cache: WordPress
Cf-Bgj: h2pri
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f2ab0b14e235c32-FRA
Expires: Mon, 05 Aug 2024 09:55:29 GMT

GET
H/1.1 200
OK ps-homepage.f0a4069fdc0c14e21993.js Show response
replicawebsite.com/js/ 170 KB
70 KB 218ms
217ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/ps-homepage.f0a4069fdc0c14e21993.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 4924ccd5b2fe1ce2bb50e12012838054260e8d3d123116e0479690e8d1b97993

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:50 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
CF-RAY: 7f2ab0b298a45c38-FRA
Expires: Mon, 07 Aug 2023 04:24:28 GMT

GET
H/1.1 200
OK wfui-container-bottom.js Show response
replicawebsite.com/js/ 44 KB
20 KB 18ms
17ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/wfui-container-bottom.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e1634264ecc89070e69bd8f3329545ee3ad27bb19c03295e0f008602385c1dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 14434
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:50 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
CF-RAY: 7f2ab0b3480f3830-FRA
Expires: Mon, 07 Aug 2023 00:23:54 GMT

GET
H/1.1 200
OK OyRSeiA Show response
replicawebsite.com/ 206 KB
207 KB 18ms
17ms Script
text/plain 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/OyRSeiA
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 14434
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 211125
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f2ab0b378403830-FRA
Expires: Mon, 07 Aug 2023 00:23:54 GMT

GET
H/1.1 404
Not Found general_alt.js
replicawebsite.com/auth/login/static/js/ 0
0 175ms
175ms Script
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/auth/login/static/js/general_alt.js?1js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0b37e919158-FRA

GET
H/1.1 200
OK responsive-sprite-v7.png
replicawebsite.com/images/ 47 KB
48 KB 101ms
23ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/responsive-sprite-v7.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 14434
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 48569
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f2ab0b3f8c03830-FRA
Expires: Mon, 05 Aug 2024 18:23:54 GMT

GET
H/1.1 200
OK wellsfargosans-rg.woff2
replicawebsite.com/fonts/ 22 KB
22 KB 27ms
22ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-rg.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 14396
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 22424
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f2ab0b38cc21d8e-FRA
Expires: Mon, 07 Aug 2023 00:24:31 GMT

GET
H/1.1 200
OK position-1-bg-gradient.png
replicawebsite.com/images/ 3 KB
4 KB 51ms
17ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/position-1-bg-gradient.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2ea269e3ab15fffe884f7bd14b4d031b5ad61caf406a7c68af5761421d33f43a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 28672
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3238
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f2ab0b3d89d3830-FRA
Expires: Mon, 05 Aug 2024 14:26:36 GMT

GET
H/1.1 200
OK position-2-bg-gradient.png
replicawebsite.com/images/ 16 KB
17 KB 33ms
16ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/position-2-bg-gradient.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 94ff650bbcdbc77db561e7aca8ed87f70c13a9e9e98272b2328d0f5a6e0ed92b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 14396
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 16614
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f2ab0b3c8833830-FRA
Expires: Mon, 05 Aug 2024 18:24:32 GMT

GET
H/1.1 200
OK position-3-bg-gradient.png
replicawebsite.com/images/ 3 KB
4 KB 178ms
174ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/position-3-bg-gradient.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 6479ba8947559226909296b93e16fee284e8118b0038fff924097c38615684f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3127
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f2ab0b3acee1d8e-FRA
Expires: Mon, 05 Aug 2024 22:24:28 GMT

GET
H/1.1 200
OK wellsfargosans-sbd.woff2
replicawebsite.com/fonts/ 22 KB
23 KB 179ms
173ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-sbd.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: REVALIDATED
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 22600
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f2ab0b39be0912b-FRA
Expires: Mon, 07 Aug 2023 04:24:28 GMT

GET
H/1.1 200
OK wellsfargosans-bd.woff2
replicawebsite.com/fonts/ 22 KB
22 KB 207ms
200ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-bd.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: REVALIDATED
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 22172
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f2ab0b398675c32-FRA
Expires: Mon, 07 Aug 2023 04:24:28 GMT

GET
H/1.1 200
OK wellsfargosans-lt.woff2
replicawebsite.com/fonts/ 21 KB
22 KB 36ms
19ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-lt.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:28 GMT
CF-Cache-Status: HIT
Age: 14393
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 21636
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f2ab0b3a8653830-FRA
Expires: Mon, 07 Aug 2023 00:24:34 GMT

GET
H/1.1 200
OK utag.js Show response
c1.wfinterface.com/tracking/hp/ 203 KB
55 KB 91ms
17ms Script
application/javascript 2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/hp/utag.js

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/wfui-container-bottom.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

25444adddb06abe6e0a022ff27f9a3ae4f4ade7cd2afa74fc912d462ab07ecd3

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; font-src https: data: 'unsafe-inline'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; font-src https: data: 'unsafe-inline'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:28 GMT
Last-Modified: Thu, 13 Jul 2023 20:02:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"64b05842-32c18"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Connection: keep-alive
Content-Length: 55332
X-XSS-Protection: 1; mode=block

GET
H2 200 Active-Cash-Card-79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 840 B
1 KB 160ms
35ms Image
image/webp 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
etag: "636fb74d-1d25"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2336989
content-length: 840
expires: Sat, 02 Sep 2023 23:34:18 GMT

GET
H2 200 wf_autograph_card_79x50.jpg
www17.wellsfargomedia.com/assets/images/rwd/ 962 B
1 KB 150ms
25ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
x-serial: 2010
x-check-cacheable: YES
etag: "636fb74d-81c"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2311848
content-length: 962
expires: Sat, 02 Sep 2023 16:35:17 GMT

GET
H2 200 Reflect-Card-79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 712 B
912 B 150ms
25ms Image
image/webp 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
etag: "636fb74d-1c20"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2336225
content-length: 712
expires: Sat, 02 Sep 2023 23:21:34 GMT

GET
H2 200 bilt_card_79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 1 KB
1 KB 174ms
49ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
x-serial: 961
x-check-cacheable: YES
etag: "636fc445-1be6"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2337213
content-length: 1083
expires: Sat, 02 Sep 2023 23:38:02 GMT

GET
H2 200 wfi000_ic_b-wf_icon_house_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 1014 B
1 KB 159ms
34ms Image
image/webp 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

2dd29214a6e0591c819798d61c263fd3e1bebee31a2dc2245d5cf5f02a50b3ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:39 GMT
server: Akamai Image Manager
etag: "63cb7c4c-f60"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2337868
content-length: 1014
expires: Sat, 02 Sep 2023 23:48:57 GMT

GET
H2 200 wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 1 KB
2 KB 158ms
34ms Image
image/webp 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

4e6f8867d7a5ff6517b0e056099dc1ae31db03322653a27462d5a2b05a332971

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:22 GMT
server: Akamai Image Manager
etag: "63cb7c4c-12d2"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2311902
content-length: 1344
expires: Sat, 02 Sep 2023 16:36:11 GMT

GET
H2 200 wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 562 B
763 B 157ms
35ms Image
image/webp 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
etag: "63cb7c4d-769"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2311795
content-length: 562
expires: Sat, 02 Sep 2023 16:34:24 GMT

GET
H2 200 first_time_experience-account_summary.png
www17.wellsfargomedia.com/assets/images/rwd/ 2 KB
2 KB 156ms
34ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
etag: "618287e9-14da"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2337142
content-length: 1662
expires: Sat, 02 Sep 2023 23:36:51 GMT

GET
H2 200 wfi_ph_g_1199830824_1600x700.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/ 32 KB
32 KB 157ms
35ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

828ad10b1cd19124350d846916da0031a93d1b2f02a74695b97fd82503627318

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:23 GMT
server: Akamai Image Manager
x-serial: 832
x-check-cacheable: YES
etag: "63cb7c4b-172e2"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2358301
content-length: 32345
expires: Sun, 03 Sep 2023 05:29:30 GMT

GET
H2 200 wfi000_ph_g_1345111232_616x353.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/ 13 KB
13 KB 109ms
109ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
etag: "63cb7c53-e73f"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2363621
content-length: 13330
expires: Sun, 03 Sep 2023 06:58:10 GMT

GET
H2 200 wfi000_ph_g_900217040_616x353.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/ 23 KB
23 KB 44ms
43ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
etag: "63cb7c49-e902"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2336727
content-length: 23508
expires: Sat, 02 Sep 2023 23:29:56 GMT

GET
H2 200 wfi000_ph_g_557715963_616x353.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/ 16 KB
16 KB 43ms
43ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:31:11 GMT
server: Akamai Image Manager
etag: "63cb7c4a-ce5a"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2367095
content-length: 15941
expires: Sun, 03 Sep 2023 07:56:04 GMT

GET
H2 200 Native_App_Phone_Personal_v8.png
www17.wellsfargomedia.com/assets/images/rwd/ 7 KB
7 KB 37ms
36ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
etag: "6328cc17-9829"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2311957
content-length: 7363
expires: Sat, 02 Sep 2023 16:37:06 GMT

GET
H2 200 volunteers_cars_616x353.jpg
www17.wellsfargomedia.com/assets/images/rwd/ 19 KB
19 KB 49ms
48ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
x-serial: 1585
x-check-cacheable: YES
etag: "618017dd-cd21"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2311863
content-length: 19628
expires: Sat, 02 Sep 2023 16:35:32 GMT

GET
H2 200 women-in-greenhouse_616x353.png
www17.wellsfargomedia.com/assets/images/rwd/ 30 KB
30 KB 38ms
37ms Image
image/avif 23.56.206.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.206.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-206-223.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
etag: "6410d4f7-b51b"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2336225
content-length: 30860
expires: Sat, 02 Sep 2023 23:21:34 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 610 B
1 KB 152ms
33ms XHR
application/json 34.254.142.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1691360668986

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.142.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-142-64.eu-west-1.compute.amazonaws.com

Software

Resource Hash

724a35a6b782bf466f701c355328e4652a9ccf4b96812c1eafad127fd2dbb9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://replicawebsite.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v050-0db816301.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: p3DF6+p/RXo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://replicawebsite.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 448
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK detector-dom.min.js Show response
c1.wfinterface.com/tracking/gb/ 449 KB
136 KB 21ms
20ms Script
application/javascript 2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/gb/detector-dom.min.js

Requested by

Host: c1.wfinterface.com
URL: https://c1.wfinterface.com/tracking/hp/utag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"6423492c-7049c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 138549
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK gtag.js Show response
c1.wfinterface.com/tracking/ga/ 115 KB
45 KB 29ms
17ms Script
application/javascript 2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1

Requested by

Host: c1.wfinterface.com
URL: https://c1.wfinterface.com/tracking/hp/utag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

GET
H2

200

tr
www.facebook.com/
Redirect Chain

http://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&d...
https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&...

0
185 B

97ms
13ms

Image
text/plain

2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0

Protocol

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 06 Aug 2023 22:24:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

Location: https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET idl
api.rlcdn.com/api/identity/ 0
0

GET
H/1.1 200
OK adrum-ext.js Show response
static.wellsfargo.com/assets/js/wfui/appdynamics/ 44 KB
15 KB 86ms
15ms Script
application/javascript 2.17.100.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/appdEUMConfig.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-179.deploy.static.akamaitechnologies.com

Software

Resource Hash

385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
ETag: W/"6047c047-b11c"
Allow: GET, POST, OPTIONS
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 14304

GET
H/1.1

200
OK

gtag.js Show response
c1.wfinterface.com/tracking/ga/
Redirect Chain

http://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

115 KB
45 KB

28ms
28ms

Script
application/javascript

2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

Protocol

HTTP/1.1

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

gtag.js Show response
c1.wfinterface.com/tracking/ga/
Redirect Chain

http://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153

115 KB
45 KB

19ms
19ms

Script
application/javascript

2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153

Protocol

HTTP/1.1

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

gtag.js Show response
c1.wfinterface.com/tracking/ga/
Redirect Chain

http://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

115 KB
45 KB

29ms
16ms

Script
application/javascript

2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

Protocol

HTTP/1.1

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK cls_report Show response
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/ 4 KB
2 KB 227ms
173ms XHR
application/json 2.17.100.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=1efa64a2-7bdc-45f4-9a9b-fe18824c049b%3A0&_cls_v=b6bac9c1-1433-4a5f-8da0-747b393b9aae&pv=2&f_cls_s=true

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-249.deploy.static.akamaitechnologies.com

Software

Resource Hash

483f5404137cb32a4302cca991594fe8d6e4759d52a47f330926bf5e95b58035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: origin, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: http://replicawebsite.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1039
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ga.js Show response
c1.wfinterface.com/tracking/ga/ 48 KB
20 KB 20ms
19ms Script
application/javascript 2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/ga.js

Requested by

Host: c1.wfinterface.com
URL: http://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"613a44c0-c025"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 19477
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

activityi;dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F... Show response
2549153.fls.doubleclick.net/ Frame 5284
Redirect Chain

http://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2...
http://2549153.fls.doubleclick.net/activityi;dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCT...

523 B
1002 B

41ms
41ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://2549153.fls.doubleclick.net/activityi;dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F?

Requested by

Host: c1.wfinterface.com
URL: http://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153

Protocol

HTTP/1.1

Server

142.250.186.70 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

4895be5501ed501800f1f936e01ef04520730d38352f04afbe13bb1003a7cd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://replicawebsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Content-Length: 418
Content-Type: text/html; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 06 Aug 2023 22:24:29 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: cafe
Strict-Transport-Security: max-age=21600
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 06 Aug 2023 22:24:29 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Follow-Only-When-Prerender-Shown: 1
Location: http://2549153.fls.doubleclick.net/activityi;dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F?
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: cafe
Strict-Transport-Security: max-age=21600
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H/1.1 200
OK ga_conversion_async.js Show response
c1.wfinterface.com/tracking/ga/ 35 KB
14 KB 21ms
21ms Script
application/javascript 2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/ga_conversion_async.js

Requested by

Host: c1.wfinterface.com
URL: http://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"613a44c0-8c31"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 13593
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 610 B
1 KB 34ms
34ms XHR
application/json 34.254.142.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=83550915878797453293282353557886952119&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202306291422131689925285%011&ts=1691360669217

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.142.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-142-64.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8853855d5a446b54b233fe86c9f1f54ba44e633de67bc286112f731b3875c6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://replicawebsite.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v050-0ae28a8cd.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: YXum1UAbSuI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://replicawebsite.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 448
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK event Show response
wellsfargobankna.demdex.net/ 815 B
1 KB 133ms
34ms XHR
application/json 54.76.136.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1691360668990

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.136.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-136-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b0440f39bb98c7da0a40453fbd9ce519c2f06bb23372251fb033b2b0ed17fce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://replicawebsite.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v050-0d4b97179.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 6lfJcc80Q+A=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://replicawebsite.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 446
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 404
Not Found jsLog Show response
replicawebsite.com/as/ 2 KB
2 KB 2529ms
2528ms XHR
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/as/jsLog
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 52e9d98f0a71f1203f8afbee0d72bca69d790311632af4fcbf04ed346059f579

Request headers

Referer: http://replicawebsite.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sun, 06 Aug 2023 22:24:31 GMT
Content-Encoding: gzip
X-nginx-cache: WordPress
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Newfold-Cache-Level: 2
X-Endurance-Cache-Level: 2
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-RAY: 7f2ab0b6cc215c32-FRA
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK adrum-ext.b4436be974de477658d4a93afb752165.js Show response
static.wellsfargo.com/assets/js/wfui/appdynamics/ 47 KB
16 KB 16ms
16ms Script
application/javascript 2.17.100.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-179.deploy.static.akamaitechnologies.com

Software

Resource Hash

7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
ETag: W/"60401fd0-bbed"
Allow: GET, POST, OPTIONS
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 15970

GET
H/1.1 200
OK ec.js Show response
c1.wfinterface.com/tracking/ga/ 3 KB
2 KB 19ms
19ms Script
application/javascript 2.17.100.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/ec.js

Requested by

Host: c1.wfinterface.com
URL: https://c1.wfinterface.com/tracking/ga/ga.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 06 Aug 2023 22:24:29 GMT
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"613a44c0-aed"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 1313
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
146 B 34ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1390615430&t=pageview&_s=1&dl=http%3A%2F%2Freplicawebsite.com%2F&ul=en-us&de=windows-1252&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUALBAAAAC~&jid=109947151&gjid=1380878348&cid=1113447706.1691360669&tid=UA-107148943-1&_gid=1408337482.1691360669&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202306291422131689925285&cd12=BROWSER&cd22=hp&cd23=4.49.0&gtm=2ou8g0&cd35=1113447706.1691360669&z=784828373

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://replicawebsite.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://replicawebsite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/984436569/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1691360669278&cv=9&fst=1691360669278&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_...
https://www.google.com/pagead/1p-user-list/984436569/?random=1691360669278&cv=9&fst=1691359200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u...
https://www.google.de/pagead/1p-user-list/984436569/?random=1691360669278&cv=9&fst=1691359200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_...

42 B
154 B

42ms
18ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984436569/?random=1691360669278&cv=9&fst=1691359200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=2096447133&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/984436569/?random=1691360669278&cv=9&fst=1691359200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=2096447133&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
92 B 15ms
8ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1390615430&t=timing&_s=2&dl=http%3A%2F%2Freplicawebsite.com%2F&ul=en-us&de=windows-1252&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=823&pdt=4&dns=10&rrt=0&srt=210&tcp=6&dit=745&clt=745&_gst=1018&_gbt=1127&_cst=822&_cbt=1011&_u=4GBACUALBAAAAC~&jid=&gjid=&cid=1113447706.1691360669&tid=UA-107148943-1&_gid=1408337482.1691360669&gtm=2ou8g0&z=1984465030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 13:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
301 B 10ms
8ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1390615430&t=event&ni=1&_s=3&dl=http%3A%2F%2Freplicawebsite.com%2F&ul=en-us&de=windows-1252&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Internal%20Promotions&ea=impressions&el=http%3A%2F%2Freplicawebsite.com%2F&_u=6GBACUALBAAAAC~&jid=&gjid=&cid=1113447706.1691360669&tid=UA-107148943-1&_gid=1408337482.1691360669&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202306291422131689925285&cd12=BROWSER&cd22=hp&cd23=4.49.0&gtm=2ou8g0&cd35=1113447706.1691360669&promo1id=cmsDefault&promo1nm=cmsDefault&promo1cr=en&promo1ps=WF_CON_HP_PRIMARY_BNR&promo2id=cmsDefault&promo2nm=cmsDefault&promo2cr=en&promo2ps=WF_CON_HP_SML_PRIMARY&promo3id=cmsDefault&promo3nm=cmsDefault&promo3cr=en&promo3ps=WF_CON_HP_SML_PRIMARY&promo4id=cmsDefault&promo4nm=cmsDefault&promo4cr=en&promo4ps=WF_CON_HP_SML_PRIMARY&promo5id=cmsDefault&promo5nm=cmsDefault&promo5cr=en&promo5ps=WF_CON_HP_LRG_PROMO&promo6id=cmsDefault&promo6nm=cmsDefault&promo6cr=en&promo6ps=WF_CON_HP_SML_PROMO&promo7id=cmsDefault&promo7nm=cmsDefault&promo7cr=en&promo7ps=WF_CON_HP_SML_PROMO&promo8id=cmsDefault&promo8nm=cmsDefault&promo8cr=en&promo8ps=WF_CON_HP_SML_PROMO&z=686877168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 13:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicaweb... Show response
adservice.google.com/ddm/fls/i/ Frame F322 522 B
664 B 79ms
43ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F

Requested by

Host: 2549153.fls.doubleclick.net
URL: http://2549153.fls.doubleclick.net/activityi;dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b56197e5cdcca28bfd26efe8c421e9ead5e627e78d58ca374dabe34cb3336327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 22:24:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1113447706.1691360669&jid=109947151&gjid=1380878348&_gid=1408337482.1691360669&_u=4GBACUAKBAAAAC~&z=1369027850

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://replicawebsite.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Aug 2023 22:24:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://replicawebsite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 error.gif
pdx-col.eum-appdynamics.com/eumcollector/ 26 B
365 B 558ms
177ms Image
image/gif 35.166.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.226.75 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-226-75.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536010; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:29 GMT
strict-transport-security: max-age=31536010; includeSubDomains
x-content-type-options: nosniff
server: envoy
vary: *
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

GET
H2 200 error.gif
pdx-col.eum-appdynamics.com/eumcollector/ 26 B
366 B 557ms
177ms Image
image/gif 35.166.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.226.75 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-226-75.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536010; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:29 GMT
strict-transport-security: max-age=31536010; includeSubDomains
x-content-type-options: nosniff
server: envoy
vary: *
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1113447706.1691360669&jid=109947151&_u=4GBACUAKBAAAAC~&z=1773812436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1113447706.1691360669&jid=109947151&_u=4GBACUAKBAAAAC~&z=1773812436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicaweb... Show response
adservice.google.de/ddm/fls/i/ Frame C3CF 194 B
515 B 93ms
44ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM2cgb-JyYADFU0hGAod64UEMw;src=2549153;type=allv40;cat=all_a00;ord=9355961872152;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 22:24:29 GMT
expires: Sun, 06 Aug 2023 22:24:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 script.js Show response
cdnstat.net/get/ 129 B
705 B 85ms
55ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstat.net/get/script.js?referrer=http://replicawebsite.com/
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/ps-homepage.f0a4069fdc0c14e21993.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.21
Resource Hash: c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 22:24:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.21
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: http://replicawebsite.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJO%2FCz4aGrxmm3wWM%2BbQf5YN7TgE6zB14cN3oXhks4XwqBEMKptdHADW0IEE96%2BqlgDfpRg%2FHaSyOw1UZg%2BwpJwQxblNAvI%2BfG4HJ18%2FtjN%2Fq6JLbPkKAzc9ctoTAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7f2ab0baae10371c-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

POST
H2 200 adrum Show response
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/ 0
776 B 513ms
171ms XHR
text/html 35.166.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.226.75 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-226-75.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536010; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: http://replicawebsite.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:24:30 GMT
strict-transport-security: max-age=31536010; includeSubDomains
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 183ms
183ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670324&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bd88b31d8e-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 182ms
182ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670328&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bd9df1912b-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 191ms
191ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670328&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bd99e99158-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 184ms
183ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670329&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bd9abf3830-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 212ms
212ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670329&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bd9b1c5c38-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 362ms
176ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670330&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0beba201d8e-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 364ms
179ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670330&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0becf03912b-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 362ms
176ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670331&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0becbd13830-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 367ms
177ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670331&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228784-16%7Etcm%3A91-228643-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0becb809158-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 424ms
214ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670331&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0beec4f5c38-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 555ms
190ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670332&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bfeb711d8e-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 702ms
338ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670332&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:31 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bfeced3830-FRA

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 552ms
188ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670333&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 22:24:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f2ab0bfeff7912b-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/idl?pid=1317

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38	1969-12-31 23:59:59	Name: _cls_cfgver Value: c31911bd
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38	1969-12-31 23:59:59	Name: _cls_s Value: 1efa64a2-7bdc-45f4-9a9b-fe18824c049b:0
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38	1969-12-31 23:59:59	Name: _cls_v Value: b6bac9c1-1433-4a5f-8da0-747b393b9aae
replicawebsite.com/	1970-01-20 13:50:00	Name: PHPREFS Value: full
.demdex.net/	1970-01-20 18:08:32	Name: demdex Value: 83581777465080087383278702733767809188
.replicawebsite.com/	1969-12-31 23:59:59	Name: AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: 1
replicawebsite.com/	1970-01-20 14:32:32	Name: _ga Value: GA1.1.1113447706.1691360669
replicawebsite.com/	1970-01-20 13:50:47	Name: _gid Value: GA1.1.1408337482.1691360669
replicawebsite.com/	1970-01-20 13:49:20	Name: _gat_gtag_UA_107148943_1 Value: 1
.replicawebsite.com/	1970-01-20 23:25:20	Name: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: -1124106680%7CMCMID%7C83550915878797453293282353557886952119%7CMCAAMLH-1691965469%7C6%7CMCAAMB-1691965469%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C766260727%7CMCOPTOUT-1691367869s%7CNONE%7CvVersion%7C5.2.0
.doubleclick.net/	1970-01-20 13:49:21	Name: test_cookie Value: CheckForPermission

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://replicawebsite.com/auth/login/static/js/general_alt.js?1js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://replicawebsite.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/idl?pid=1317' from origin 'http://replicawebsite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/idl?pid=1317 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670324&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670328&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670329&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670328&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670329&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670330&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670331&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670330&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670331&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228784-16%7Etcm%3A91-228643-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670331&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670333&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691360670332&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691360670332&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/as/jsLog Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2549153.fls.doubleclick.net
adservice.google.com
adservice.google.de
api.rlcdn.com
c1.wfinterface.com
cdnstat.net
dpm.demdex.net
googleads.g.doubleclick.net
pdx-col.eum-appdynamics.com
replicawebsite.com
rubicon.wellsfargo.com
static.wellsfargo.com
stats.g.doubleclick.net
wellsfargobankna.demdex.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www17.wellsfargomedia.com
api.rlcdn.com
142.250.186.70
188.114.96.3
2.17.100.179
2.17.100.202
2.17.100.249
23.56.206.223
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9b
2a03:2880:f145:82:face:b00c:0:25de
34.254.142.64
35.166.226.75
54.76.136.163
66.235.200.146
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
10c1acb80b088029eab596925f58565e025206d10ef1edded0bf055dac884bbf
1697510ee355fbc770e2b6265ce3ca7992fc62275f62b41018dc07f6e5938682
19280d730497626217386797c9445ad51e8867f92603758a58ffba019d88c061
25444adddb06abe6e0a022ff27f9a3ae4f4ade7cd2afa74fc912d462ab07ecd3
2dd29214a6e0591c819798d61c263fd3e1bebee31a2dc2245d5cf5f02a50b3ea
2ea269e3ab15fffe884f7bd14b4d031b5ad61caf406a7c68af5761421d33f43a
3176ae9befd81b772a8cf7f0a471e8473e6f76fb1aa3e40321910eab1aeceeba
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
483f5404137cb32a4302cca991594fe8d6e4759d52a47f330926bf5e95b58035
4895be5501ed501800f1f936e01ef04520730d38352f04afbe13bb1003a7cd0c
4924ccd5b2fe1ce2bb50e12012838054260e8d3d123116e0479690e8d1b97993
4e6f8867d7a5ff6517b0e056099dc1ae31db03322653a27462d5a2b05a332971
52e9d98f0a71f1203f8afbee0d72bca69d790311632af4fcbf04ed346059f579
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
6479ba8947559226909296b93e16fee284e8118b0038fff924097c38615684f2
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
724a35a6b782bf466f701c355328e4652a9ccf4b96812c1eafad127fd2dbb9f1
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
828ad10b1cd19124350d846916da0031a93d1b2f02a74695b97fd82503627318
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
8853855d5a446b54b233fe86c9f1f54ba44e633de67bc286112f731b3875c6b9
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
907c59cb689313a243aca70b3b3f00b64652fe3d26f4e29c20ced42eee329f51
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
94ff650bbcdbc77db561e7aca8ed87f70c13a9e9e98272b2328d0f5a6e0ed92b
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
9b47a5e651a8661559cb4935e22d126ba086b21a8cda72ea8598e1c29c273629
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
b0440f39bb98c7da0a40453fbd9ce519c2f06bb23372251fb033b2b0ed17fce6
b56197e5cdcca28bfd26efe8c421e9ead5e627e78d58ca374dabe34cb3336327
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
de13e068daab704b3e5018f1deee48d0cefeff400be95f396d6f3ebe829cfbf5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
e0830df8e9e4434ad80c70f677266c654bf2c37ee184867f41c7dc65c5e6160f
e1634264ecc89070e69bd8f3329545ee3ad27bb19c03295e0f008602385c1dc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d

replicawebsite.com Open in urlscan Pro 66.235.200.146 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

49 %HTTPS

44 %IPv6

13 Domains

19 Subdomains

18 IPs

5 Countries

1212 kBTransfer

2434 kBSize

11 Cookies

23 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

replicawebsite.com Open in urlscan Pro
66.235.200.146 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

49 %
HTTPS

44 %
IPv6

13
Domains

19
Subdomains

18
IPs

5
Countries

1212 kB
Transfer

2434 kB
Size

11
Cookies

80 HTTP transactions
0 data transactions