genrepost.com Open in urlscan Pro
2606:4700:30::6818:7b81 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f...
Effective URL:
https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f...
Submission Tags: 6106655
Submission: On July 04 via api (July 4th 2019, 3:59:49 am UTC) from US

Summary HTTP 55 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 5 domains to perform 55 HTTP transactions. The main IP is 2606:4700:30::6818:7b81, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is genrepost.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 13th 2019. Valid for: a year.

This is the only time genrepost.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 5	2606:4700:30:... 2606:4700:30::6818:7b81	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
16	159.45.66.156 159.45.66.156	4196 (WELLSFARG...) (WELLSFARGO-4196 - Wells Fargo & Company)
2	159.45.2.178 159.45.2.178	10837 (WELLSFARG...) (WELLSFARGO-10837 - Wells Fargo & Company)
23	104.109.70.200 104.109.70.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.125.12.134 104.125.12.134	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	104.109.78.230 104.109.78.230	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.49.125.7 52.49.125.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.154.86.186 54.154.86.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
55	9

5 2606:4700:30::6818:7b81 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

genrepost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.genrepost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 159.45.66.156 (United States)

ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US)

connect.secure.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.45.2.178 (Concord, United States)

ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US)

static.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.109.70.200 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-70-200.deploy.static.akamaitechnologies.com

www01.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.125.12.134 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-125-12-134.deploy.static.akamaitechnologies.com

www04.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.230 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-230.deploy.static.akamaitechnologies.com

www20.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.125.7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-125-7.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.86.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-86-186.eu-west-1.compute.amazonaws.com

wellsfargobankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	wellsfargomedia.com www01.wellsfargomedia.com www04.wellsfargomedia.com www20.wellsfargomedia.com	287 KB
18	wellsfargo.com connect.secure.wellsfargo.com static.wellsfargo.com	268 KB
5	genrepost.com 2 redirects genrepost.com www.genrepost.com	13 KB
3	demdex.net dpm.demdex.net wellsfargobankna.demdex.net	3 KB
1	google-analytics.com www.google-analytics.com
55	5

	Domain	Requested by
23	www01.wellsfargomedia.com	genrepost.com
16	connect.secure.wellsfargo.com	genrepost.com connect.secure.wellsfargo.com
4	www20.wellsfargomedia.com	genrepost.com
3	www04.wellsfargomedia.com	genrepost.com
3	genrepost.com	2 redirects
2	dpm.demdex.net	connect.secure.wellsfargo.com
2	www.genrepost.com	genrepost.com
2	static.wellsfargo.com	genrepost.com
1	wellsfargobankna.demdex.net	connect.secure.wellsfargo.com
1	www.google-analytics.com	connect.secure.wellsfargo.com
55	10

This site contains links to these domains. Also see Links.

Domain
oam.wellsfargo.com
icomplete.wellsfargo.com
www.wellsfargoadvisors.com
connect.secure.wellsfargo.com
privatebank.wf.com
www.abbotdowning.com
welcome.wf.com
www.facebook.com
www.linkedin.com
instagram.com
www.pinterest.com
www.youtube.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-02-13` - `2020-02-13`	a year	crt.sh
connect.secure.wellsfargo.com DigiCert Global CA G2	`2019-02-07` - `2021-02-07`	2 years	crt.sh
static.wellsfargo.com DigiCert Global CA G2	`2019-02-07` - `2021-02-07`	2 years	crt.sh
www01.wellsfargomedia.com GeoTrust RSA CA 2018	`2019-02-19` - `2020-05-20`	a year	crt.sh
www20.wellsfargomedia.com GeoTrust RSA CA 2018	`2019-02-19` - `2020-05-20`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Frame ID: 4F85C30BBA51365F33DFE492ACEF4A91
Requests: 50 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/PIDO/farmbook.html?e=https%3A%2F%2Fgenrepost.com&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277425053137
Frame ID: 2702923297C884A9C8BC249DCE8FD694
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/gateway.html?e=https%3A%2F%2Fgenrepost.com&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277426389264
Frame ID: 29BFD6B8A49D11CB56A574471C2298CD
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=https%3A%2F%2Fgenrepost.com&LSESSIONID=jLd1oq8V4IEjeSmAKhIp2jgPp%2FmSo37ZVEmwEXavFtPX08UvN8F06sej&t=xframe&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277426649271
Frame ID: E0269BA2262D4786D665FA7CB84D0F80
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=https%3A%2F%2Fgenrepost.com&LSESSIONID=jLd1oq8V4IEjeSmAKhIp2jgPp%2FmSo37ZVEmwEXavFtPX08UvN8F06sej&t=xframe&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277426757327
Frame ID: 29E570E27D03A429177C565D34E7DB34
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/gateway.html?e=https%3A%2F%2Fgenrepost.com&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277531281777
Frame ID: 694260183F75703E0ED6873CA46CD4C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

RxJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

55
Requests

100 %
HTTPS

22 %
IPv6

5
Domains

10
Subdomains

9
IPs

4
Countries

571 kB
Transfer

1019 kB
Size

2
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://oam.wellsfargo.com/oamo/identity/enrollment
Title: Enroll

Search URL Search Domain Scan URL

URL: https://icomplete.wellsfargo.com/oas/status/auth
Title: Finish Application/Check Status

Search URL Search Domain Scan URL

URL: https://www.wellsfargoadvisors.com/services/intuitive-investor.htm?cid=WFA1800032810&excid=WFA1800032810
Title: Digital Investing Plus Advice

Search URL Search Domain Scan URL

URL: https://www.wellsfargoadvisors.com/intuitive-investor/sign-on.htm?cid=WF1800032820&excid=WF1800032820
Title: Open an Intuitive Investor® Account

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=irt
Title: Employer Plan 401(k) Sign On

Search URL Search Domain Scan URL

URL: https://privatebank.wf.com/conversations/
Title: Conversations Magazine

Search URL Search Domain Scan URL

URL: https://www.abbotdowning.com/contact_us/headquarters/
Title: Contact Abbot Downing

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Title: Sign On to Go Far Rewards

Search URL Search Domain Scan URL

URL: https://welcome.wf.com/foodbank/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wellsfargo
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wellsfargo
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/wellsfargo/
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wellsfargo/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wellsfargo
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/wellsfargo
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://genrepost.com/js/vendor/jquery-3.1.1.min.js HTTP 301
https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js

Request Chain 33

https://genrepost.com/js/global/homepage_per.js HTTP 301
https://www.genrepost.com/js/global/homepage_per.js

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 0.html Show response
genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/ 70 KB
13 KB 1668ms
1472ms Document
text/html 2606:4700:30::6818:7b81
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:7b81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f0ffec2d39bdc936272f78c20206595544fa54cc40fc0848a4f5ca7009fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: genrepost.com
:scheme: https
:path: /wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 04 Jul 2019 03:59:25 GMT
content-type: text/html
set-cookie: __cfduid=da8158b380105c4b21e1a86b63ffe47fa1562212763; expires=Fri, 03-Jul-20 03:59:23 GMT; path=/; domain=.genrepost.com; HttpOnly
last-modified: Fri, 31 May 2019 21:33:50 GMT
vary: Accept-Encoding
expires: Fri, 05 Jul 2019 03:59:24 GMT
cache-control: max-age=86400 public
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4f0e2fad9c6d9ab6-FRA
content-encoding: br

GET
H/1.1 200 nd Show response
connect.secure.wellsfargo.com/jenny/ 43 KB
15 KB 3795ms
148ms Script
application/javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/jenny/nd
Requested by: Host: genrepost.com
URL: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: 2a728263db3669c7705a16ce15ef66bb6f1786a5510a82933bf9559247e7a7fb

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 03:59:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: KONICHIWA/1.1
Vary: Accept-Encoding
Content-Type: application/javascript;charset=ISO-8859-1

GET
H/1.1 200
OK utag.js Show response
static.wellsfargo.com/tracking/toppages/ 149 KB
43 KB 3122ms
156ms Script
application/x-javascript 159.45.2.178
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/toppages/utag.js

Requested by

Host: genrepost.com
URL: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.178 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

377002514be0ec6ce7340ccfbd11ea8456e71d26447f176af4aadbb4289ff86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 03:59:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 43204
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 25 Jun 2019 17:30:10 GMT
Server: KONICHIWA/2.0
ETag: "253d7-58c2947d14c80-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Thu, 04 Jul 2019 04:29:28 GMT

GET
H/1.1 200
OK utag.sync.js Show response
static.wellsfargo.com/tracking/toppages/ 10 KB
5 KB 3114ms
150ms Script
application/x-javascript 159.45.2.178
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/toppages/utag.sync.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.178 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

954424ae82926de25de2b279a3c1a3a10b0f9ed2d0e45df7869ef5ffdf8efb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 03:59:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4286
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 04 Jun 2019 21:49:52 GMT
Server: KONICHIWA/2.0
ETag: "28fb-58a8675e8e000-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Thu, 04 Jul 2019 04:29:28 GMT

GET
H/1.1 200
OK homepage_per.css
www01.wellsfargomedia.com/css/home/ 45 KB
9 KB 112ms
33ms Stylesheet
text/css 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www01.wellsfargomedia.com/css/home/homepage_per.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

d121dceb464515079b2354ace969cca164b7020feb1191cf751afae3677d2b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Jun 2019 20:28:44 GMT
Server: KONICHIWA/2.0
ETag: "b347-58aad8f6fd700-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Thu, 04 Jul 2019 03:59:25 GMT
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 8878
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 03:59:25 GMT

GET
H/1.1 200
OK homepage-logo-horz.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 4 KB
2 KB 125ms
46ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-logo-horz.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

f5e90d9eb8e07ccd4ebe0f25331a39d78d02af0405a32b93613f4b89fe472bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1699
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:25 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "eaa-554880386bac0"
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:25 GMT

GET
H/1.1 200
OK homepage-lock.svg
www04.wellsfargomedia.com/assets/images/css/template/homepage/ 2 KB
1 KB 102ms
28ms Image
image/svg+xml 104.125.12.134
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.125.12.134 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-125-12-134.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
F5-trid-name: wwbe_web_static_ohd, fd_ww_web_static_ofd
ETag: "6f8-554880386bac0"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 789
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
F5-trid-value: 1533329579399, 1533329579042
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-caret-selector.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 336 B
775 B 38ms
33ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-caret-selector.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

ed0765dbff371196a86519e6d154c69b71fa1b7bf4ef983aaf04c5df54efd942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 251
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "150-554880386bac0"
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-lock-signon.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 2 KB
1 KB 220ms
215ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock-signon.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

073dbd57bfaadacd622a9b8e4f1aee42b16cd432baf7ca48a60664df80f63cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 816
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "664-554880386bac0"
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-image-sprite.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 15 KB
15 KB 134ms
28ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
ETag: "3a35-559997c5ea8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1602
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14901
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:26:11 GMT

GET
H/1.1 200
OK wfic555_ph_g-148194851_1200x532.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/ 56 KB
55 KB 3326ms
52ms Image
image/jpeg 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/wfic555_ph_g-148194851_1200x532.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

04b883194991ed688178f5e50f87d5def411df40802efc1f85928c7ea923279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 14 Nov 2018 17:42:48 GMT
Server: KONICHIWA/2.0
ETag: "dff7-57aa37662d600"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:32 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK homepage-marquee-dot-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 552 B
908 B 163ms
32ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-inactive.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c11155f5dc039dc2543740015a6851926a264fbb14d3549ddf976b90701c96b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "228-554880386bac0"
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-marquee-dot-active.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 556 B
908 B 167ms
36ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

e07b5c1a91bcb918cae3188c71f28a146175a066c772e9a9f9200577e6f7da36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "22c-554880386bac0"
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK wfi000_ic_b-check_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/ 2 KB
2 KB 3324ms
51ms Image
image/png 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/wfi000_ic_b-check_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

3147accc5dda730dc4de8102457f255869ee77077b9c68fb3fc287ed6ab1f6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 09 Aug 2018 15:38:06 GMT
Server: KONICHIWA/2.0
ETag: "7f9-5730269d13380"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1772
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wfi000_ic_d-card-emv-new-white_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/ 2 KB
2 KB 3293ms
54ms Image
image/png 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/wfi000_ic_d-card-emv-new-white_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

4dee0896ac011cbece431bffd15bf5d0f307ca3e2eb451fef836ec1d7de689e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 12 Jul 2018 20:19:31 GMT
Server: KONICHIWA/2.0
ETag: "6d8-570d314af5ac0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1472
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wfi000_ic_b-graduation-hat-w_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/ 2 KB
2 KB 3288ms
50ms Image
image/png 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/wfi000_ic_b-graduation-hat-w_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c3ff2d939394bb7e0d4281751e28ec17f99af931cbea9733483794d6f77b9016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 10 Jul 2017 17:57:33 GMT
Server: KONICHIWA/2.0
ETag: "767-553fa51365d40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1604
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-makeappt_50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ 813 B
1 KB 56ms
32ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/homepage/icon-makeappt_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

00840eadcdd06f534ef281b5a632daaf7f43a10cb720d2880c0325d38c9dfdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "32d-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 813
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK icon-rate_percent_50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ 1 KB
2 KB 60ms
37ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/homepage/icon-rate_percent_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

469ed23c33689844eb52a8bc4758887a69152296a08d656dd19c0b0f5e1bacfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "4fa-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1274
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK viewing_FICAscore_193x119.jpg
www01.wellsfargomedia.com/assets/images/icons/ 4 KB
5 KB 94ms
34ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/viewing_FICAscore_193x119.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

73db55d6c01a1b17a3341ed78c61906a7ee1e42af58eec4de964b49986eea8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "1095-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4245
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK payingwithphone-beach_193x119.jpg
www01.wellsfargomedia.com/assets/images/icons/ 4 KB
5 KB 89ms
33ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/payingwithphone-beach_193x119.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

cba86aa1470f9f48da99be33240cd013988442c106e4dd3dbbe68196c3be6a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "1028-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4136
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK NBA-Retirement-193x119.png
www01.wellsfargomedia.com/assets/images/icons/193x119/ 8 KB
8 KB 70ms
32ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/193x119/NBA-Retirement-193x119.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

597f0ea5650dc18a6f73ace2d358889007504800173ea5668b069d1672ad5bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "1e62-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7778
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK NBA-InvestingBasics-193x119.png
www01.wellsfargomedia.com/assets/images/icons/193x119/ 8 KB
9 KB 38ms
37ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/193x119/NBA-InvestingBasics-193x119.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

79850b5d21cf57325d3820aa92c519a2ab7a4fef7bf45551d3a939262c4033af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "2188-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8584
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK viewing_FICAscore_on_tablet_970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 26 KB
26 KB 90ms
33ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/viewing_FICAscore_on_tablet_970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

fa747c252d4295d8472d748e35b03f97a63a4959c6685848e648b1f0b80f6e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "66a0-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26272
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-image-sprite-2.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 23 KB
23 KB 86ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite-2.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

54072fa704ec827d5af8273696528cffce00b1f820c415d7e593d53a91321f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "5aa5-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=474
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23205
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:07:23 GMT

GET
H/1.1 200
OK payingwithphone-beach_970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 24 KB
25 KB 31ms
31ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/payingwithphone-beach_970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

5cf16def9c8844111a812c4767a1f10722a8331574708f4af49f5c6370641dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "60ef-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24815
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK NBA-Retirement-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 34 KB
34 KB 31ms
31ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/NBA-Retirement-970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

82cf54af7aeb3e363a086f8ce5b7735bb9f43bb64609a1d32397d2b96819bf27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "8701-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34561
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK NBA-InvestingBasics-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 32 KB
32 KB 32ms
31ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/NBA-InvestingBasics-970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "7fe5-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32741
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-footer-stagecoach.png
www01.wellsfargomedia.com/assets/images/global/ 4 KB
5 KB 31ms
31ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/global/homepage-footer-stagecoach.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

5ba349d4d93dc2748ecdd74459d33d57328b0df69bf29c94117897bff43f6889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "113b-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4411
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-image-sprite.png
www04.wellsfargomedia.com/assets/images/css/template/homepage/ 15 KB
15 KB 87ms
29ms Image
image/png 104.125.12.134
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.125.12.134 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-125-12-134.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
F5-trid-name: wwbe_web_static_ohd, fd_ww_web_static_ofd
ETag: "3a35-559997c5ea8c0"
Connection: keep-alive
Content-Length: 14901
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1647
F5-trid-value: 1533174161341, 1533174160968
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:26:56 GMT

GET
H/1.1 200
OK icon-equal-housing.png
www04.wellsfargomedia.com/assets/images/global/ 282 B
820 B 105ms
46ms Image
image/png 104.125.12.134
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/global/icon-equal-housing.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.125.12.134 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-125-12-134.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

31ebc1799692cf80984ded81abc89d9e1540bc1e258770f5a24ad4386a48d3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
F5-trid-name: wwbe_web_static_jga
ETag: "11a-5548803e24840"
Connection: keep-alive
Content-Length: 282
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
F5-trid-value: 1533173859723
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK login-userprefs.min.js Show response
connect.secure.wellsfargo.com/auth/static/prefs/ 156 KB
86 KB 3669ms
149ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

faab4220b4d6455dff00416640ac803adb4bde13113f919245684a757d126c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 03:59:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Jun 2019 02:28:07 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: W/"1c6f-58c30cbb390ed"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:28 GMT

GET
H/1.1 200
OK conutils-6.2.2.js Show response
connect.secure.wellsfargo.com/auth/static/scripts/ 10 KB
4 KB 617ms
213ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.2.2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

3313ac9f2c148df9dc8581ae4d7bb9023c3ef933d1152db47de29e32ec5f67b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 3886
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 10 Apr 2019 02:57:49 GMT
Server: KONICHIWA/1.1
ETag: "26c4-586243c2655c0-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=10368000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=32
Expires: Fri, 01 Nov 2019 03:59:29 GMT

GET
H/1.1 200
OK atadun.js Show response
connect.secure.wellsfargo.com/auth/static/prefs/ 1023 B
1 KB 145ms
140ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 541
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 26 Jun 2019 02:28:07 GMT
Server: KONICHIWA/1.1
ETag: "3ff-58c30cbb38535-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=20
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H2

404

jquery-3.1.1.min.js
www.genrepost.com/js/vendor/
Redirect Chain

https://genrepost.com/js/vendor/jquery-3.1.1.min.js
https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js

0
0

2669ms
2653ms

Script
text/html

2606:4700:30::6818:7b81
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:7b81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 04 Jul 2019 03:59:34 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=15768000
cf-ray: 4f0e2fddda1d9ab6-FRA
link: <https://www.genrepost.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Thu, 04 Jul 2019 03:59:31 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-redirect-by: WordPress
status: 301
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 4f0e2fcf7e979ab6-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

homepage_per.js
www.genrepost.com/js/global/
Redirect Chain

https://genrepost.com/js/global/homepage_per.js
https://www.genrepost.com/js/global/homepage_per.js

0
0

2681ms
2659ms

Script
text/html

2606:4700:30::6818:7b81
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genrepost.com/js/global/homepage_per.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:7b81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 04 Jul 2019 03:59:34 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=15768000
cf-ray: 4f0e2fddda1f9ab6-FRA
link: <https://www.genrepost.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Thu, 04 Jul 2019 03:59:31 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-redirect-by: WordPress
status: 301
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.genrepost.com/js/global/homepage_per.js
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 4f0e2fcf7e989ab6-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK homepage-magnifying-glass.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 302 B
775 B 36ms
32ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

fbdbdec73948179778c9fa39a0108957d10c49c9bdeb9f830448bffd4a268582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
ETag: "12e-559997c5ea8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 302
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK icon-tip_flag.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 430 B
903 B 30ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icon-tip_flag.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

1c21f46a040e99db7bad5a6a328421c35a27a92aaff1289ba691a95d904ed6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "1ae-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 430
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK chevron-right-blue.png
www01.wellsfargomedia.com/assets/images/css/template/ 1020 B
1 KB 28ms
28ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

3554aa96a4221cb3bf2062ba10fdb9a83e81fe8e8d08b3ae5a92edf6a1b7b2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 May 2013 20:02:46 GMT
Server: KONICHIWA/2.0
ETag: "3fc-4dd7c48542580"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Thu, 04 Jul 2019 03:59:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1020
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK homepage-signon-checkbox-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 516 B
896 B 57ms
34ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-signon-checkbox-inactive.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

7e9697a48939ce70ad22c87cc964f9701ce8f47eb3747ddbf8a1f9f3297fc5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 372
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Thu, 04 Jul 2019 03:59:29 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "204-554880386bac0"
Accept-Ranges: bytes
Expires: Thu, 04 Jul 2019 04:29:29 GMT

GET
H/1.1 200
OK conutils-6.9.0.js Show response
connect.secure.wellsfargo.com/auth/static/scripts/ 23 KB
9 KB 141ms
141ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 8774
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 26 Jun 2019 02:28:28 GMT
Server: KONICHIWA/1.1
ETag: "5bd1-58c30ccf6c91c-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=10368000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=64
Expires: Fri, 01 Nov 2019 03:59:29 GMT

GET
H/1.1 200
OK glu.js Show response
connect.secure.wellsfargo.com/AIDO/ 45 KB
21 KB 224ms
224ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/glu.js?r=0.7922954518944443
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: a17dcccb82f333fd663ea5fcd2201aac2a5e1d39ca353aeacfcbff3b1314215f

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK mint.js Show response
connect.secure.wellsfargo.com/AIDO/ 38 KB
16 KB 212ms
211ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7074241995612169
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: f163887fcdbdce10a14aff6ecba5ef56df1173ccd8f20b1fc0b24d874698ac3d

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK pic.js Show response
connect.secure.wellsfargo.com/PIDO/ 42 KB
19 KB 218ms
218ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.10956303951106228
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: 1d1a4f5797706774fe511d06b4f9be1680d7ccdd23ead754b09bab498820e023

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK trx.js Show response
connect.secure.wellsfargo.com/AIDO/ 71 KB
28 KB 216ms
215ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7074241995612169
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: c0e64c9c5f81959d76da79f6c52e059130524d00adf6dc360f28780545a38e38

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK try.js Show response
connect.secure.wellsfargo.com/AIDO/ 45 KB
21 KB 211ms
210ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7074241995612169
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: ec992a6f801cbaed95fb8e02fe4ac40706c4792e121cbc0d956483e6863bc322

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2019 03:59:29 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 225 B
980 B 156ms
42ms XHR
application/json 52.49.125.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1562212774196
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.125.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-125-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4b172469c09e19ecc71ef240fd2c9ae21d3d737527e22ca12ee93c953f964822

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcscanary-prod-irl1-v045-0b2449494.edge-irl1.demdex.com 5.55.3.20190702115514 4ms
Pragma: no-cache
X-TID: IhkYXnFFTq4=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://genrepost.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 225
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
0 33ms
13ms Fetch
image/gif 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Jul 2019 03:59:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://genrepost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
Ok ay6u Show response
connect.secure.wellsfargo.com/AIDO/ 94 B
763 B 215ms
214ms Script
text/javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyOCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJzJTIyJTNBJTIyMjczOTA4M2QtMjNlNy00ZGQyLTkwOGItOTY1YmIxMTM3ZTAzJTIyJTdEJTdEJTVE&cid=28&si=3&e=https%3A%2F%2Fgenrepost.com&LSESSIONID=jLd1oq8V4IEjeSmAKhIp2jgPp%2FmSo37ZVEmwEXavFtPX08UvN8F06sej&t=jsonp&__tp=login&c=ptcnsmng_mgel_lz&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: 7fcf68cbf544c0eff558602dda91bac8153a4ce559719d09cee0db9ef886ae41

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jul 2019 03:59:34 GMT
Server: KONICHIWA/1.1
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 94
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK farmbook.html
connect.secure.wellsfargo.com/PIDO/ Frame 2702 0
0 208ms
208ms Document
text/html 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/PIDO/farmbook.html?e=https%3A%2F%2Fgenrepost.com&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277425053137
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.10956303951106228
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=

Response headers

Server: KONICHIWA/1.1
Date: Thu, 04 Jul 2019 03:59:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip

GET
H/1.1 200
OK gateway.html
connect.secure.wellsfargo.com/AIDO/ Frame 29BF 0
0 217ms
217ms Document
text/html 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/gateway.html?e=https%3A%2F%2Fgenrepost.com&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277426389264
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=

Response headers

Server: KONICHIWA/1.1
Date: Thu, 04 Jul 2019 03:59:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip

GET
H/1.1 200
OK /
connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secu... Frame E026 0
0 219ms
219ms Document
text/html 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=https%3A%2F%2Fgenrepost.com&LSESSIONID=jLd1oq8V4IEjeSmAKhIp2jgPp%2FmSo37ZVEmwEXavFtPX08UvN8F06sej&t=xframe&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277426649271
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=

Response headers

Server: KONICHIWA/1.1
Date: Thu, 04 Jul 2019 03:59:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip

GET
H/1.1 200
OK elegant.html
connect.secure.wellsfargo.com/AIDO/ Frame 29E5 0
0 397ms
212ms Document
text/html 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=https%3A%2F%2Fgenrepost.com&LSESSIONID=jLd1oq8V4IEjeSmAKhIp2jgPp%2FmSo37ZVEmwEXavFtPX08UvN8F06sej&t=xframe&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277426757327
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=

Response headers

Server: KONICHIWA/1.1
Date: Thu, 04 Jul 2019 03:59:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 225 B
974 B 44ms
43ms XHR
application/json 52.49.125.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=53479760312684543671806061047310908566&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120181125025606868845244%011&ts=1562212774367
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.125.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-125-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f58f41223874289eae0521451c88bf8842bdc82347f9cad373755103faae20b

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v037-0002912c1.edge-irl1.demdex.com 5.55.3.20190702115514 5ms
Pragma: no-cache
X-TID: iRkDYrgDQcU=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://genrepost.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 225
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK event Show response
wellsfargobankna.demdex.net/ 363 B
1 KB 167ms
46ms XHR
application/json 54.154.86.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://wellsfargobankna.demdex.net/event?_ts=1562212774199
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.86.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-86-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 93ce2f508095e6103d2516680b3dd59a4c34c26e1bbb69cb3d5dd867df262892

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v037-07e9cf951.edge-irl1.demdex.com 5.55.3.20190702115514 8ms
Pragma: no-cache
X-TID: 9ZsHrxzoQYg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://genrepost.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 363
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK gateway.html
connect.secure.wellsfargo.com/AIDO/ Frame 6942 0
0 211ms
210ms Document
text/html 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/gateway.html?e=https%3A%2F%2Fgenrepost.com&__tp=login&eu=https%3A%2F%2Fgenrepost.com%2Fwp-content%2F3874848479394932223%2F85775847579485948422%2FAuth_Controller%2F2231362075%2F0.html%3F_f6955582f56fa101a8302a9bacf155f1076365018f%3Ahttps%3A%2F_O_A%2Fsaml%2Fsaml2%2Fidp%2FSSOService_php%3Fspentityid%3Dhttp%3A%2F%2Fcenturylink_net%2Fsaml%2Fmodule_php%2Fsaml%2Fsp%2Fmetadata_php%2FClient%2FLibrary%2FSaml%2Fsaml-sp%26cookieTime%3D1506110952%26RelayState%3Dhttp%3A%2F%2Fcenturylink_net%2Flogin%2F%3Fbounceto%3Dhttp%3A%2F%2Fcenturylink_net%2Fzmail%2F%3Fautologin%3Dtrue%26ts%3D1506093785%2527%2527%3D&icid=156221277531281777
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/2231362075/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/_O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785%27%27=

Response headers

Server: KONICHIWA/1.1
Date: Thu, 04 Jul 2019 03:59:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			genrepost.com/	1970-01-19 19:29:31	Name: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: T
			.genrepost.com/	1970-01-19 10:42:28	Name: __cfduid Value: d151fa560969d6b7b64857c149d88b6381562212771

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.secure.wellsfargo.com
dpm.demdex.net
genrepost.com
static.wellsfargo.com
wellsfargobankna.demdex.net
www.genrepost.com
www.google-analytics.com
www01.wellsfargomedia.com
www04.wellsfargomedia.com
www20.wellsfargomedia.com
104.109.70.200
104.109.78.230
104.125.12.134
159.45.2.178
159.45.66.156
2606:4700:30::6818:7b81
2a00:1450:4001:81c::200e
52.49.125.7
54.154.86.186
00840eadcdd06f534ef281b5a632daaf7f43a10cb720d2880c0325d38c9dfdc8
04b883194991ed688178f5e50f87d5def411df40802efc1f85928c7ea923279e
073dbd57bfaadacd622a9b8e4f1aee42b16cd432baf7ca48a60664df80f63cb1
1c21f46a040e99db7bad5a6a328421c35a27a92aaff1289ba691a95d904ed6f5
1d1a4f5797706774fe511d06b4f9be1680d7ccdd23ead754b09bab498820e023
2a728263db3669c7705a16ce15ef66bb6f1786a5510a82933bf9559247e7a7fb
3147accc5dda730dc4de8102457f255869ee77077b9c68fb3fc287ed6ab1f6b1
31ebc1799692cf80984ded81abc89d9e1540bc1e258770f5a24ad4386a48d3bc
3313ac9f2c148df9dc8581ae4d7bb9023c3ef933d1152db47de29e32ec5f67b0
3554aa96a4221cb3bf2062ba10fdb9a83e81fe8e8d08b3ae5a92edf6a1b7b2f7
377002514be0ec6ce7340ccfbd11ea8456e71d26447f176af4aadbb4289ff86c
469ed23c33689844eb52a8bc4758887a69152296a08d656dd19c0b0f5e1bacfa
4b172469c09e19ecc71ef240fd2c9ae21d3d737527e22ca12ee93c953f964822
4dee0896ac011cbece431bffd15bf5d0f307ca3e2eb451fef836ec1d7de689e7
509f0ffec2d39bdc936272f78c20206595544fa54cc40fc0848a4f5ca7009fc2
54072fa704ec827d5af8273696528cffce00b1f820c415d7e593d53a91321f81
597f0ea5650dc18a6f73ace2d358889007504800173ea5668b069d1672ad5bd2
5ba349d4d93dc2748ecdd74459d33d57328b0df69bf29c94117897bff43f6889
5cf16def9c8844111a812c4767a1f10722a8331574708f4af49f5c6370641dda
73db55d6c01a1b17a3341ed78c61906a7ee1e42af58eec4de964b49986eea8bf
76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634
79850b5d21cf57325d3820aa92c519a2ab7a4fef7bf45551d3a939262c4033af
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48
7e9697a48939ce70ad22c87cc964f9701ce8f47eb3747ddbf8a1f9f3297fc5c3
7f58f41223874289eae0521451c88bf8842bdc82347f9cad373755103faae20b
7fcf68cbf544c0eff558602dda91bac8153a4ce559719d09cee0db9ef886ae41
82cf54af7aeb3e363a086f8ce5b7735bb9f43bb64609a1d32397d2b96819bf27
93ce2f508095e6103d2516680b3dd59a4c34c26e1bbb69cb3d5dd867df262892
954424ae82926de25de2b279a3c1a3a10b0f9ed2d0e45df7869ef5ffdf8efb6a
982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741
a17dcccb82f333fd663ea5fcd2201aac2a5e1d39ca353aeacfcbff3b1314215f
c0e64c9c5f81959d76da79f6c52e059130524d00adf6dc360f28780545a38e38
c11155f5dc039dc2543740015a6851926a264fbb14d3549ddf976b90701c96b6
c3ff2d939394bb7e0d4281751e28ec17f99af931cbea9733483794d6f77b9016
cba86aa1470f9f48da99be33240cd013988442c106e4dd3dbbe68196c3be6a82
d121dceb464515079b2354ace969cca164b7020feb1191cf751afae3677d2b92
e07b5c1a91bcb918cae3188c71f28a146175a066c772e9a9f9200577e6f7da36
eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9
ec992a6f801cbaed95fb8e02fe4ac40706c4792e121cbc0d956483e6863bc322
ed0765dbff371196a86519e6d154c69b71fa1b7bf4ef983aaf04c5df54efd942
f163887fcdbdce10a14aff6ecba5ef56df1173ccd8f20b1fc0b24d874698ac3d
f5e90d9eb8e07ccd4ebe0f25331a39d78d02af0405a32b93613f4b89fe472bbd
fa747c252d4295d8472d748e35b03f97a63a4959c6685848e648b1f0b80f6e70
faab4220b4d6455dff00416640ac803adb4bde13113f919245684a757d126c67
fbdbdec73948179778c9fa39a0108957d10c49c9bdeb9f830448bffd4a268582

genrepost.com Open in urlscan Pro 2606:4700:30::6818:7b81 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

22 %IPv6

5 Domains

10 Subdomains

9 IPs

4 Countries

571 kBTransfer

1019 kBSize

2 Cookies

15 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

genrepost.com Open in urlscan Pro
2606:4700:30::6818:7b81 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

22 %
IPv6

5
Domains

10
Subdomains

9
IPs

4
Countries

571 kB
Transfer

1019 kB
Size

2
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!