urlscan.io logo urlscan.io
SecurityTrails logo

privatebank.wf.com Open in urlscan Pro
54.70.67.52  Public Scan

Go To Rescan Add Verdict Report
URL: https://privatebank.wf.com/conversations/
Submission: On November 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 16 domains to perform 42 HTTP transactions. The main IP is 54.70.67.52, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is privatebank.wf.com.
TLS certificate: Issued by Wells Fargo Public Trust Certificatio... on November 19th 2019. Valid for: 2 years.
This is the only time privatebank.wf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    54.70.67.52 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-67-52.us-west-2.compute.amazonaws.com
privatebank.wf.com
1    2a02:26f0:6c00:284::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.optimizely.com
1    104.109.54.208 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-54-208.deploy.static.akamaitechnologies.com
cloud.typography.com
1    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.35.253.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-117.fra6.r.cloudfront.net
don1uexbbetbo.cloudfront.net
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2600:9000:2057:aa00:14:1777:2380:21 (United States)

ASN16509 (AMAZON-02, US)
duwi1u1qftsi6.cloudfront.net
1    2a02:26f0:10e:2b0::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
sjs.bizographics.com
1    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.208.124 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-124.fra53.r.cloudfront.net
cdn.zarget.com
1    2600:9000:2190:d600:12:1bcc:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.knotch-cdn.com
1    2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:9000:2190:2600:c:d8a6:21c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
units.knotch.it
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    18.232.246.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-246-204.compute-1.amazonaws.com
ip.freshmarketer.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
13 privatebank.wf.com privatebank.wf.com
9 duwi1u1qftsi6.cloudfront.net privatebank.wf.com
4 www.google-analytics.com www.googletagmanager.com
privatebank.wf.com
www.google-analytics.com
3 units.knotch.it www.knotch-cdn.com
2 px.ads.linkedin.com 1 redirects privatebank.wf.com
2 stats.g.doubleclick.net www.google-analytics.com
1 ip.freshmarketer.com cdn.zarget.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com sjs.bizographics.com
1 www.knotch-cdn.com privatebank.wf.com
1 cdn.zarget.com privatebank.wf.com
1 script.crazyegg.com privatebank.wf.com
1 sjs.bizographics.com privatebank.wf.com
1 www.googletagmanager.com privatebank.wf.com
1 don1uexbbetbo.cloudfront.net privatebank.wf.com
1 ajax.googleapis.com privatebank.wf.com
1 cloud.typography.com 1 redirects
1 cdn.optimizely.com privatebank.wf.com
42 18

This site contains links to these domains. Also see Links.

Domain
www.wellsfargo.com
m.wellsfargo.com
Subject Issuer Validity Valid
portfoliopremier.wf.com
Wells Fargo Public Trust Certification Authority 01 G2		 2019-11-19 -
2021-11-15		 2 years crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA		 2020-03-23 -
2022-03-28		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-09 -
2021-06-09		 a year crt.sh
cdn.zarget.com
Amazon		 2020-06-06 -
2021-07-06		 a year crt.sh
www.knotch-cdn.com
Amazon		 2020-10-07 -
2021-11-07		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.knotch.it
Amazon		 2020-08-08 -
2021-09-07		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
*.freshmarketer.com
Amazon		 2020-07-27 -
2021-08-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://privatebank.wf.com/conversations/
Frame ID: 9A17C7BF2C1D4A882A9DFE43A050195C
Requests: 52 HTTP requests in this frame

Frame: https://units.knotch.it/reporter/ver-ea9ff46/index.html
Frame ID: 79570D50B2141B6BCC4735C41D653920
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

42
Requests

100 %
HTTPS

75 %
IPv6

16
Domains

18
Subdomains

19
IPs

6
Countries

1815 kB
Transfer

2991 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cloud.typography.com/6313332/7280412/css/fonts.css HTTP 302
  • https://privatebank.wf.com/conversations/fonts/787917/55029DD49B954E543.css
Request Chain 46
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8554&time=1606771703927&url=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D8554%26time%3D1606771703927%26url%3Dhttps%253A%252F%252Fprivatebank.wf.com%252Fconversations%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8554&time=1606771703927&url=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F&liSync=true

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
privatebank.wf.com/conversations/ 		53 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
87a629efb615c7c988cb2f89009ffec52f7bdd15c720f54e0ee8b685c40bd6fb
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
privatebank.wf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Mon, 30 Nov 2020 21:28:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Link
<https://privatebank.wf.com/conversations/wp-json/>; rel="https://api.w.org/"
Expires
Mon, 30 Nov 2020 22:28:21 GMT
Cache-Control
max-age=3600
X-Proxy-Cache
HIT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=8640000; includeSubdomains
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
2638890452.js
cdn.optimizely.com/js/ 		170 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/2638890452.js
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:284::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b58354d33440cf7a267f8eabe504f021709fec3dae1262955a8cc63640143cf4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
S_rz382vPtE19VakuhvcCORy27cNDOZW
content-encoding
gzip
etag
"3a4a8048b9932d466f6fda2a11b9de0c"
x-amz-request-id
1BF381C64A766F35
x-amz-meta-revision
12
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:284::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
62158
x-amz-id-2
qiFMFTi7k/wtty8IwEflaxUbXlCVNhCRU+8S+BG3DBMV7PQtJRc+JfMIWce6AlVTUz4YKGs8+rc=
last-modified
Thu, 01 Mar 2018 21:36:23 GMT
server
AmazonS3
date
Mon, 30 Nov 2020 21:28:21 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
55029DD49B954E543.css
privatebank.wf.com/conversations/fonts/787917/
Redirect Chain
  • https://cloud.typography.com/6313332/7280412/css/fonts.css
  • https://privatebank.wf.com/conversations/fonts/787917/55029DD49B954E543.css
178 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/fonts/787917/55029DD49B954E543.css
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1e65a7891d1ac5c3b805d0e04351465d0160aeb6db96d3d27414074eaf5a067a
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:45:06 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886d2-2c670"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
text/css
Expires
Tue, 27 Oct 2020 21:45:06 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT

Redirect headers

Date
Mon, 30 Nov 2020 21:28:22 GMT
Last-Modified
Thu, 09 Jul 2020 18:33:57 GMT
Server
AkamaiNetStorage
ETag
"a639697c6642b2ab07abac8a2594f30a:1594319637"
Content-Type
text/html
Location
https://privatebank.wf.com/conversations/fonts/787917/55029DD49B954E543.css
Cache-Control
must-revalidate, private
Connection
keep-alive
X-HCo-pid
14
Content-Length
154
Expires
Mon, 30 November 2020 21:28:22 GMT
style.min.css
privatebank.wf.com/conversations/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:44:59 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886cb-d293"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
text/css
Expires
Tue, 27 Oct 2020 21:44:59 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
main.css
privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/css/ 		275 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/css/main.css?ver=20201130
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
73ace22e0626444ae2e6e8fefa051cd8ccd8deac1116f5d9b45098d2345ef0d2
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:45:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886cc-44d59"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
text/css
Expires
Tue, 27 Oct 2020 21:45:00 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=3.3.1
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 10:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210968
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Nov 2021 10:52:13 GMT
jquery-migrate.min.js
privatebank.wf.com/conversations/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:44:57 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886c9-2748"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
application/javascript
Expires
Tue, 27 Oct 2020 21:44:57 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
modernizr-2.7.0.min.js
privatebank.wf.com/conversations/wp-content/themes/pi/assets/static/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-content/themes/pi/assets/static/js/modernizr-2.7.0.min.js?ver=2.7
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0699dfa4e15c1b3da595b941bbe3ccb1770d0e8ac36ca1f55bf3069b72fe8f15
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:44:59 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886cb-435a"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
application/javascript
Expires
Tue, 27 Oct 2020 21:44:59 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
picturefill.min.js
privatebank.wf.com/conversations/wp-content/themes/pi/assets/static/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-content/themes/pi/assets/static/js/picturefill.min.js?ver=2.3.1
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:45:06 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886d2-1e1b"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
application/javascript
Expires
Tue, 27 Oct 2020 21:45:06 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
wfc-logo.svg
privatebank.wf.com/conversations/assets/build/img/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatebank.wf.com/conversations/assets/build/img/wfc-logo.svg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
174c65495b013364661b5a6bbf8e5e93bb4b1b755e2aa959c6b66defa96c4f78
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:44:57 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886c9-279e"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
image/svg+xml
Expires
Tue, 27 Oct 2020 21:44:57 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
wfc-logo-small.svg
privatebank.wf.com/conversations/assets/build/img/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatebank.wf.com/conversations/assets/build/img/wfc-logo-small.svg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4bd2897386878a0b33205916755a95c1f4ab8a81c47350b89bbd73b2d9c1c7b8
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:45:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886cc-272a"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
image/svg+xml
Expires
Tue, 27 Oct 2020 21:45:00 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
icon-equal-housing.jpg
don1uexbbetbo.cloudfront.net/content/art/newsletter/ 		776 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://don1uexbbetbo.cloudfront.net/content/art/newsletter/icon-equal-housing.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-117.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
397bf475ca4b12d3595efbfebb09b9dff2529df4c3a55e5a3bbe7fab0a5cefe7

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 24 Nov 2020 15:34:13 GMT
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 28 Nov 2017 16:00:44 GMT
Server
AmazonS3
Age
539651
ETag
"c1f4a5e719c90b47be1fa329d75b9d75"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
776
X-Amz-Cf-Id
Q-CbMKFlgbExbMzmLz33-r4X5NyfRntCHrWdDGuBqyU-XTwl4GetKg==
vimeo.ga.js
privatebank.wf.com/conversations/assets/build/vendor/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/assets/build/vendor/vimeo.ga.js
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3edd2bbfb51badd1e52a86d374740dd1978dc5bb320187d519055b3eb28c98b2
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:44:57 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886c9-1b3f"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
application/javascript
Expires
Tue, 27 Oct 2020 21:44:57 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
all.js
privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/js/ 		118 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/js/all.js?ver=20201130
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
86c8062b655d9b737b46e9f12b3b6a6005bfacbb7edbb1a3a13d540fa33bce2d
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:45:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886cc-1d8b6"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
application/javascript
Expires
Tue, 27 Oct 2020 21:45:00 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
wp-embed.min.js
privatebank.wf.com/conversations/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 20:44:57 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5f9886c9-59a"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
application/javascript
Expires
Tue, 27 Oct 2020 21:44:57 GMT
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
gtm.js
www.googletagmanager.com/ 		132 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTPXLG
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c4f36d32d3800317b54f3cadedfd8164f252db13e0ef0b0ad61fb89809af54a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 21:28:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41516
x-xss-protection
0
last-modified
Mon, 30 Nov 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Nov 2020 21:28:23 GMT
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
105dcebcb57135f252f9b3e5eacfdc1b0d6c24e38c7ef4ae0660409ac96551a6

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a5f8c7a647eca33ff53a23908b8d95fb689d80af734046b758c534fa1b93a8e

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
wf-icons.ttf
privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/fonts/wf-icons.ttf?p8z402
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/css/main.css?ver=20201130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.70.67.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-67-52.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
503a9ea3cdbd9a1b9dd481e15dd48e524f4833c58757b3a8a61b899a6be8b293
Security Headers
Name Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://privatebank.wf.com
Referer
https://privatebank.wf.com/conversations/wp-content/themes/conversations_legacy/assets/build/css/main.css?ver=20201130
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:23 GMT
Last-Modified
Tue, 27 Oct 2020 20:44:57 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
"5f9886c9-2654"
Strict-Transport-Security
max-age=8640000; includeSubdomains
Content-Type
application/octet-stream
Expires
Tue, 27 Oct 2020 21:44:57 GMT
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9812
X-XSS-Protection
1; mode=block
X-Proxy-Cache
HIT
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12c4ca711998f3a9b8d858d549fcc352ea741fb8486242b6cf2d08e30a01040c

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6683b06f971799973c8f67fc3126dc6ee52dd7d5164113b94c57f3927ccda4f5

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79f855cd7d6b1aa8e8c35e4301b24bd0a0f76419220276612351b8866d812a13

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e3487e9e5089de5622370e8358318c5a8f5293b81db6c1e7ed351790b98eb44

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
WFC_Oct_YearEndChecklist_1400x550.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/09/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/09/WFC_Oct_YearEndChecklist_1400x550.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4cb98a391e8d6eaf7fc82316bb53979621f3aa1bcf9a4c8bfdc0adbc808df23

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 08:44:47 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Mon, 31 Aug 2020 18:26:56 GMT
server
AmazonS3
age
823417
etag
"a24530fd7cb5cdc95aa8d479471f4ada"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
140292
x-amz-cf-id
WsAzucsqdguG3SlChvpupvRUfkqHKpfSwz6mcaL5Ir8RmtNI76EdxA==
expires
Tue, 31 Aug 2021 18:26:54 GMT
WFC-Thumb-LIBORtoSOFR-1214822053-358x200-1.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/11/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/11/WFC-Thumb-LIBORtoSOFR-1214822053-358x200-1.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0be8d552637da64f4092fb285c57163dad751867cef997f522275d43bad7025a

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 14:18:56 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Mon, 02 Nov 2020 16:06:33 GMT
server
AmazonS3
age
25768
etag
"5c4c43a04ca3e0736f87e76e0f913995"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
30364
x-amz-cf-id
V2-w0otK8xG7d3G3oq42J9yrOyk3leGVQfWXcneOJ85s9U_JLvuwTw==
expires
Tue, 02 Nov 2021 16:06:32 GMT
WF-Thumb-Corporate-giving-Anita-Zucker-profile1144711962-358x200-1.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/WF-Thumb-Corporate-giving-Anita-Zucker-profile1144711962-358x200-1.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b91c356e1c85c973f77904daabe561ab71b6711d4f71aa0553bfa02e4d63604

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 15:34:13 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Fri, 30 Oct 2020 18:40:22 GMT
server
AmazonS3
age
539651
etag
"655138ceb28f65a1355938976b7e2f09"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
34988
x-amz-cf-id
U3prH7jD1_Nd7n_dZ9j9X2kcKFKjWrsheg4FsjpRFeIx_gE4Gauing==
expires
Sat, 30 Oct 2021 18:40:21 GMT
GettyImages-529363167-1_358x200.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/GettyImages-529363167-1_358x200.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdf3df4f34708fdcee02014feee7c44c3847e083b4afbcf69ccb6b1fa41efad9

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 01:04:09 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Tue, 27 Oct 2020 12:45:01 GMT
server
AmazonS3
age
1196655
etag
"b0b526680248762b26c1d0abe0310b60"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
19004
x-amz-cf-id
T3tZU8AR7XCRJYPRCPBuK_UIQA4NPjdvRycBL_ar65ngrTQaO50ZmQ==
expires
Wed, 27 Oct 2021 12:44:59 GMT
WFC-Thumb-Outlook2021Report-473954724-358x200-1.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/WFC-Thumb-Outlook2021Report-473954724-358x200-1.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0241c4336f9637e1922448ea2e228f77fd6638de7273d243bdf2396f6e06428

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 16:28:28 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 19:02:55 GMT
server
AmazonS3
age
1832396
etag
"e4153e7480c48461382670c3e22d4d34"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
74627
x-amz-cf-id
TXIblAMXL2eeUK6puqMUqXOk2TQaHAxffpLojC8RvrK-EHY33Z1Z3Q==
expires
Sat, 23 Oct 2021 19:02:53 GMT
WFC_Dec_Booksworthreading_Thumb.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/10/WFC_Dec_Booksworthreading_Thumb.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
966b62240b7ec2f92976afeda12ac23d15146353dbc4c2f4896f0f7700ae3e1d

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 15:47:35 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Wed, 21 Oct 2020 12:39:30 GMT
server
AmazonS3
age
711649
etag
"ac6f7832a59a817e8c30f6016e381132"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
11732
x-amz-cf-id
BS4SH9HqHauPJwsHOw69Nh4j413wUOLmSKcAefBmAC2aXnM3_k8log==
expires
Thu, 21 Oct 2021 12:39:29 GMT
WFC-Thumb-ResilienceFutureGens-1250637018-358x200-1.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/09/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/09/WFC-Thumb-ResilienceFutureGens-1250637018-358x200-1.jpg
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbba555dc52a36884013c703d85fd10ea40903d0b772b90bd9b8e18442148783

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 16:24:48 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 2020 18:01:11 GMT
server
AmazonS3
age
1919015
etag
"f82d509855c02727ce6b197f60bf9e1c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
51026
x-amz-cf-id
qV1hgwDzXxW-vPPF4ZvbYWecrypEjSzYSSeDjt3M7Zt9UeuhoFudhA==
expires
Tue, 28 Sep 2021 18:01:10 GMT
insight.min.js
sjs.bizographics.com/ 		965 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e:2b0::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=42744
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629137b2bb51ec3ef645586f184ecf4ded64476070b4cc0ad6385a8b4e097ff2

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1416dcfe4d3ad22fb901df4b72b88561f12408c83406670b810b9ae4f89cda83

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de0bf673d3d3ad953531b8b14d892ac14ea04105b61d2d33861116c3f189dab3

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
442a59091f7c2e20019900e44ecf0f37e2373147910477c211776df1a7ece518

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
950550c872d6af26860ccfba5378bcf46d124666862c28287816162bba24046f

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8b3ec99ec98004ab1fc2353f2d79b2635e2a868d31920a7631c7be93576b130

Request headers

Origin
https://privatebank.wf.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
0073.js
script.crazyegg.com/pages/scripts/0033/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0033/0073.js?446325
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 21:28:23 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Nov 2020 19:41:21 GMT
server
cloudflare
age
6422
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
5fa7a86c2915c2f4-FRA
content-length
0
cf-request-id
06bca797960000c2f4d8367000000001
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTPXLG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5912
date
Mon, 30 Nov 2020 19:49:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 30 Nov 2020 21:49:51 GMT
398493.js
cdn.zarget.com/157544/ 		364 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zarget.com/157544/398493.js
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.208.124 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-208-124.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d85283daf37534c4823abe8eff01b3e4cb7dc3c45c9a2aa51695a55b5b939002

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
ZJpZgtB6pXf7RpQ0gdV7q5dYwyoYedfT
content-encoding
gzip
etag
"3c95af24de82864d7e87a1a46f62c550"
last-modified
Mon, 28 Sep 2020 19:47:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
cache-control
max-age=120
date
Mon, 30 Nov 2020 21:28:25 GMT
x-amz-cf-id
naEX0lIYBnpTvPOUNJ-XTiF-JSSzU1qRAPZDuZNMyY06Le7exwmBaA==
knotch.min.js
www.knotch-cdn.com/unit/latest/ 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.knotch-cdn.com/unit/latest/knotch.min.js
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:d600:12:1bcc:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02b7d8181d1254914407f22085f6e5c41abda64a8d1c9ec2c66194f18809ecf5

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 16:36:49 GMT
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 16:36:41 GMT
server
AmazonS3
age
17495
etag
W/"dd4aed006c9006dafd4170477951f96b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
G4G_hzpNR9kyUKuw3A01U4ZQlx2WtsB4lvtLUYyoNiUzDQ3-QWcFJg==
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: sjs.bizographics.com
URL: https://sjs.bizographics.com/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 21:28:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=14376
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-56449180-1&cid=235974356.1606771704&jid=2043431714&gjid=94778532&_gid=1300603395.1606771704&_u=YGBAgAABAAAAAE~&z=587192253
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 30 Nov 2020 21:28:23 GMT
content-type
text/plain
access-control-allow-origin
https://privatebank.wf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=767471580&t=pageview&_s=1&dl=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Conversations%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=2043431714&gjid=94778532&cid=235974356.1606771704&tid=UA-56449180-1&_gid=1300603395.1606771704&gtm=2wgb41NTPXLG&cg1=&cg2=&cd4=%2Fconversations%2F&z=787421385
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 06:05:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55353
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bce4b311-6d20-4d7f-89b8-de0ba080d5bb.json
units.knotch.it/url-map/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://units.knotch.it/url-map/bce4b311-6d20-4d7f-89b8-de0ba080d5bb.json
Protocol
H2
Server
2600:9000:2190:2600:c:d8a6:21c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://privatebank.wf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Mon, 30 Nov 2020 21:28:25 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-allow-headers
content-type
access-control-max-age
3000
server
AmazonS3
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Miss from cloudfront
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
cxTuavkRsp7EkHnJhB1Z2Yb45-E7pTMKGtW683nKQrBu2JsCx7OmbQ==
bce4b311-6d20-4d7f-89b8-de0ba080d5bb.json
units.knotch.it/url-map/ 		63 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://units.knotch.it/url-map/bce4b311-6d20-4d7f-89b8-de0ba080d5bb.json
Requested by
Host: www.knotch-cdn.com
URL: https://www.knotch-cdn.com/unit/latest/knotch.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:c:d8a6:21c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98fabfa2c9d6beddae5043db5e7203a1eb012901734727165ccd1b2f371b7735

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 30 Nov 2020 21:28:25 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2020 21:38:21 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"618c26030ff4f59413e50fc24982ea10"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
x-amz-cf-id
Dl-UTjPzrCDadyynBKHs98p7N8D89MU80-pR9iHvF1OL9QX24AyWHQ==
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
index.html
units.knotch.it/reporter/ver-ea9ff46/ Frame 7957 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://units.knotch.it/reporter/ver-ea9ff46/index.html
Requested by
Host: www.knotch-cdn.com
URL: https://www.knotch-cdn.com/unit/latest/knotch.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:c:d8a6:21c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
units.knotch.it
:scheme
https
:path
/reporter/ver-ea9ff46/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://privatebank.wf.com/conversations/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://privatebank.wf.com/conversations/

Response headers

content-type
text/html
last-modified
Tue, 27 Oct 2020 18:22:54 GMT
server
AmazonS3
content-encoding
gzip
date
Mon, 30 Nov 2020 21:26:20 GMT
etag
"629e927604ec889f9ff60854fdd0076c"
cache-control
max-age=2592000
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
iMNZqfCREEp0ynRMEttdOqkaeFV3XVuIBGDS0GlWCNc3DtWfuIUqsg==
age
148
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8554&time=1606771703927&url=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D8554%26time%3D1606771703927%26url%3Dhttps%253A%252F%252Fprivatebank.wf.com%252Fco...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8554&time=1606771703927&url=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F&liSync=true
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8554&time=1606771703927&url=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F&liSync=true
Requested by
Host: privatebank.wf.com
URL: https://privatebank.wf.com/conversations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 21:28:24 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
zsy3IVpmTBYQkhCVjisAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
content-length
0
x-li-uuid
s9F1GlpmTBagk+jLmSsAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 516286A13181467D95846DF979327824 Ref B: FRAEDGE0708 Ref C: 2020-11-30T21:28:24Z
x-frame-options
sameorigin
date
Mon, 30 Nov 2020 21:28:23 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8554&time=1606771703927&url=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ip.freshmarketer.com/json/ 		249 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ip.freshmarketer.com/json/?callback=setGeoTargeting
Requested by
Host: cdn.zarget.com
URL: https://cdn.zarget.com/157544/398493.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.246.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-246-204.compute-1.amazonaws.com
Software
/
Resource Hash
ddf081fc18a0915fddfe721edd7de29193a7191b1cbae8c797712a53345a47f6

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 21:28:24 GMT
x-database-date
Thu, 05 Sep 2019 07:15:19 GMT
content-length
249
vary
Origin
content-type
application/javascript
collect
www.google-analytics.com/j/ 		2 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=767471580&t=event&ni=1&_s=1&dl=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Conversations%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=New%20Scroll%20Depth&ea=percent&el=0%20percent&_u=aGDAAEABAAAAAG~&jid=299109102&gjid=1635071980&cid=235974356.1606771704&tid=UA-56449180-1&_gid=1300603395.1606771704&_r=1&gtm=2wgb41NTPXLG&cd4=%2Fconversations%2F&z=1276825119
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 21:28:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://privatebank.wf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=767471580&t=event&ni=1&_s=1&dl=https%3A%2F%2Fprivatebank.wf.com%2Fconversations%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Conversations%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=New%20Scroll%20Depth&ea=percent&el=25%20percent&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=235974356.1606771704&tid=UA-56449180-1&_gid=1300603395.1606771704&gtm=2wgb41NTPXLG&cd4=%2Fconversations%2F&z=1761342306
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 06:05:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-56449180-1&cid=235974356.1606771704&jid=299109102&gjid=1635071980&_gid=1300603395.1606771704&_u=aGDAAEABAAAAAG~&z=723515063
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 30 Nov 2020 21:28:24 GMT
content-type
text/plain
access-control-allow-origin
https://privatebank.wf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
WFC-Hero-ChangeToInvestors-1400x550-1.jpg
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/08/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/08/WFC-Hero-ChangeToInvestors-1400x550-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5770d817b4d4d66768b33bf440fcb2705152ed392b3094c11a2fcd5b7b7176eb

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 08:17:34 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Mon, 31 Aug 2020 18:35:23 GMT
server
AmazonS3
age
3417056
etag
"0bc5947fafee8e35746cee707871b715"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
182000
x-amz-cf-id
g5elfKKDmGN-pjn_00YQsTfKXpO78hnBkOcWqMCZwdiFkmmeUJHhRg==
expires
Tue, 31 Aug 2021 18:35:21 GMT
WFII-Hero-State-of-Markets-1400x550-1.png
duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/08/ 		611 KB
612 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duwi1u1qftsi6.cloudfront.net/conversations/wp-content/uploads/2020/08/WFII-Hero-State-of-Markets-1400x550-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:14:1777:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c7cb80b1e1ecfb918a62d7d7765fd12247ebab72a7398ea69a1c8688dd8e696

Request headers

Referer
https://privatebank.wf.com/conversations/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 19:11:55 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified
Wed, 26 Aug 2020 13:37:02 GMT
server
AmazonS3
age
181000
etag
"100a155007f60a5653feb9a6457c2591"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
625157
x-amz-cf-id
5OCmQwGqcRFCE3-Z7RjhbQyIM5adxg8bKcDgJrsekVPBCB2zrwJ01w==
expires
Thu, 26 Aug 2021 13:37:01 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| geolocation object| optly object| optimizely object| dataLayer function| $ function| jQuery object| html5 object| Modernizr function| yepnope function| picturefill string| _bizo_data_partner_id object| vimeoGAJS function| update_filter_counts function| refresh_selected_search_terms function| reset_filters function| update_load_more_link function| validateEmail function| node_transplant function| reCalSidebarHeight function| loadFloodlightImage function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| zargetTimeout boolean| zarget number| zargetTimer object| gaplugins object| gaGlobal object| gaData function| requestAnimFrame object| Knotch object| knotchData function| lintrk boolean| _already_called_lintrk number| zargetMain object| ZargetUrlChangeTrigger function| beforeunload boolean| zg_is_new_visitor boolean| zargetCookie function| runZGHeatmap function| runZGPausedExp object| expEvt function| zarget$ function| fm_$ object| zargetAPI object| FMApi object| triggerHeatmapExperiment object| bulkDetails object| jQuery1113005273849182681478 number| zarget_geo_requestedtime function| setGeoTargeting object| FM object| ZargetFormAPI object| FMFormApi function| ZargetForm object| zarget_geoDetails number| indx number| next_index

8 Cookies

Domain/Path Name / Value
.privatebank.wf.com/ Name: _gid
Value: GA1.3.1300603395.1606771704
.privatebank.wf.com/ Name: _ga
Value: GA1.3.235974356.1606771704
.wf.com/ Name: optimizelyPendingLogEvents
Value: %5B%5D
.privatebank.wf.com/ Name: _dc_gtm_UA-56449180-1
Value: 1
.wf.com/ Name: optimizelyBuckets
Value: %7B%7D
.wf.com/ Name: optimizelySegments
Value: %7B%222607880190%22%3A%22false%22%2C%222610230697%22%3A%22gc%22%2C%222636760574%22%3A%22direct%22%7D
.wf.com/ Name: zarget_visitor_info
Value: %7B%7D
.wf.com/ Name: optimizelyEndUserId
Value: oeu1606771701847r0.5060979249620501

1 Console Messages

Source Level URL
Text
console-api log URL: https://privatebank.wf.com/conversations/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=8640000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.optimizely.com
cdn.zarget.com
cloud.typography.com
don1uexbbetbo.cloudfront.net
duwi1u1qftsi6.cloudfront.net
ip.freshmarketer.com
privatebank.wf.com
px.ads.linkedin.com
script.crazyegg.com
sjs.bizographics.com
snap.licdn.com
stats.g.doubleclick.net
units.knotch.it
www.google-analytics.com
www.googletagmanager.com
www.knotch-cdn.com
www.linkedin.com
104.109.54.208
13.35.253.117
143.204.208.124
18.232.246.204
2600:9000:2057:aa00:14:1777:2380:21
2600:9000:2190:2600:c:d8a6:21c0:93a1
2600:9000:2190:d600:12:1bcc:1d00:93a1
2606:4700::6813:9308
2620:1ec:21::14
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:816::200a
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0c::9d
2a02:26f0:10e:2b0::3adf
2a02:26f0:6c00:284::13b8
2a02:26f0:6c00:28c::25ea
2a05:f500:11:101::b93f:9005
54.70.67.52
02b7d8181d1254914407f22085f6e5c41abda64a8d1c9ec2c66194f18809ecf5
0699dfa4e15c1b3da595b941bbe3ccb1770d0e8ac36ca1f55bf3069b72fe8f15
0be8d552637da64f4092fb285c57163dad751867cef997f522275d43bad7025a
105dcebcb57135f252f9b3e5eacfdc1b0d6c24e38c7ef4ae0660409ac96551a6
12c4ca711998f3a9b8d858d549fcc352ea741fb8486242b6cf2d08e30a01040c
1416dcfe4d3ad22fb901df4b72b88561f12408c83406670b810b9ae4f89cda83
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
174c65495b013364661b5a6bbf8e5e93bb4b1b755e2aa959c6b66defa96c4f78
1c7cb80b1e1ecfb918a62d7d7765fd12247ebab72a7398ea69a1c8688dd8e696
1e65a7891d1ac5c3b805d0e04351465d0160aeb6db96d3d27414074eaf5a067a
397bf475ca4b12d3595efbfebb09b9dff2529df4c3a55e5a3bbe7fab0a5cefe7
3a5f8c7a647eca33ff53a23908b8d95fb689d80af734046b758c534fa1b93a8e
3edd2bbfb51badd1e52a86d374740dd1978dc5bb320187d519055b3eb28c98b2
442a59091f7c2e20019900e44ecf0f37e2373147910477c211776df1a7ece518
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b91c356e1c85c973f77904daabe561ab71b6711d4f71aa0553bfa02e4d63604
4bd2897386878a0b33205916755a95c1f4ab8a81c47350b89bbd73b2d9c1c7b8
4c4f36d32d3800317b54f3cadedfd8164f252db13e0ef0b0ad61fb89809af54a
4e3487e9e5089de5622370e8358318c5a8f5293b81db6c1e7ed351790b98eb44
503a9ea3cdbd9a1b9dd481e15dd48e524f4833c58757b3a8a61b899a6be8b293
5770d817b4d4d66768b33bf440fcb2705152ed392b3094c11a2fcd5b7b7176eb
629137b2bb51ec3ef645586f184ecf4ded64476070b4cc0ad6385a8b4e097ff2
6683b06f971799973c8f67fc3126dc6ee52dd7d5164113b94c57f3927ccda4f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
73ace22e0626444ae2e6e8fefa051cd8ccd8deac1116f5d9b45098d2345ef0d2
79f855cd7d6b1aa8e8c35e4301b24bd0a0f76419220276612351b8866d812a13
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c8062b655d9b737b46e9f12b3b6a6005bfacbb7edbb1a3a13d540fa33bce2d
87a629efb615c7c988cb2f89009ffec52f7bdd15c720f54e0ee8b685c40bd6fb
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
950550c872d6af26860ccfba5378bcf46d124666862c28287816162bba24046f
966b62240b7ec2f92976afeda12ac23d15146353dbc4c2f4896f0f7700ae3e1d
98fabfa2c9d6beddae5043db5e7203a1eb012901734727165ccd1b2f371b7735
a0241c4336f9637e1922448ea2e228f77fd6638de7273d243bdf2396f6e06428
a4cb98a391e8d6eaf7fc82316bb53979621f3aa1bcf9a4c8bfdc0adbc808df23
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
b58354d33440cf7a267f8eabe504f021709fec3dae1262955a8cc63640143cf4
bdf3df4f34708fdcee02014feee7c44c3847e083b4afbcf69ccb6b1fa41efad9
cbba555dc52a36884013c703d85fd10ea40903d0b772b90bd9b8e18442148783
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d85283daf37534c4823abe8eff01b3e4cb7dc3c45c9a2aa51695a55b5b939002
ddf081fc18a0915fddfe721edd7de29193a7191b1cbae8c797712a53345a47f6
de0bf673d3d3ad953531b8b14d892ac14ea04105b61d2d33861116c3f189dab3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8b3ec99ec98004ab1fc2353f2d79b2635e2a868d31920a7631c7be93576b130
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093