storage.googleapis.com Open in urlscan Pro
2a00:1450:4001:812::2010 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u22460067.ct.sendgrid.net/ls/click?upn=10Q1qIMUTs0Vtc9wvWLp45MvLH7ckdbmBeEC5hWYHgJBqB47q6x-2B9az1N-2B9EFkzbcA5btHy0fG9KtBt...
Effective URL:
https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html
Submission: On June 30 via manual (June 30th 2021, 4:51:11 pm UTC) from US

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 74 HTTP transactions. The main IP is 2a00:1450:4001:812::2010, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is storage.googleapis.com.
TLS certificate: Issued by GTS CA 1O1 on May 31st 2021. Valid for: 3 months.

This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
1	2a00:1450:400... 2a00:1450:4001:812::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	103.153.182.185 103.153.182.185	140947 (SNTHOSTIN...) (SNTHOSTINGS-AS-AP SnTHostings)
2	159.45.170.145 159.45.170.145	10837 (WELLSFARG...) (WELLSFARGO-10837)
16	159.45.2.156 159.45.2.156	10837 (WELLSFARG...) (WELLSFARGO-10837)
33	23.79.128.179 23.79.128.179	16625 (AKAMAI-AS) (AKAMAI-AS)
2	159.45.66.178 159.45.66.178	4196 (WELLSFARG...) (WELLSFARGO-4196)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	54.241.164.141 54.241.164.141	16509 (AMAZON-02) (AMAZON-02)
1	54.68.225.43 54.68.225.43	16509 (AMAZON-02) (AMAZON-02)
74	18

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)

u22460067.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.153.182.185 (Los Angeles, United States)

ASN140947 (SNTHOSTINGS-AS-AP SnTHostings, IN)

agr456ibarn.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.45.170.145 (United States)

ASN10837 (WELLSFARGO-10837, US)

www.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 159.45.2.156 (United States)

ASN10837 (WELLSFARGO-10837, US)

connect.secure.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 23.79.128.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-128-179.deploy.static.akamaitechnologies.com

www01.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.45.66.178 (United States)

ASN4196 (WELLSFARGO-4196, US)

static.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

2549153.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.241.164.141 (San Jose, United States)

ASN16509 (AMAZON-02, US)

awusw-wfr.advanced-web-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.225.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	wellsfargomedia.com www01.wellsfargomedia.com	516 KB
20	wellsfargo.com www.wellsfargo.com connect.secure.wellsfargo.com static.wellsfargo.com	287 KB
4	agr456ibarn.ru agr456ibarn.ru	71 KB
3	googleapis.com storage.googleapis.com ajax.googleapis.com	64 KB
2	doubleclick.net 1 redirects 2549153.fls.doubleclick.net	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com stackpath.bootstrapcdn.com	27 KB
1	eum-appdynamics.com col.eum-appdynamics.com	1 KB
1	advanced-web-analytics.com awusw-wfr.advanced-web-analytics.com	449 B
1	google.de adservice.google.de	931 B
1	google.com adservice.google.com	925 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	jquery.com code.jquery.com	24 KB
1	sendgrid.net 1 redirects u22460067.ct.sendgrid.net	276 B
74	14

	Domain	Requested by
33	www01.wellsfargomedia.com	agr456ibarn.ru www.wellsfargo.com
16	connect.secure.wellsfargo.com	agr456ibarn.ru connect.secure.wellsfargo.com
4	agr456ibarn.ru	storage.googleapis.com agr456ibarn.ru
2	2549153.fls.doubleclick.net	1 redirects agr456ibarn.ru
2	static.wellsfargo.com	agr456ibarn.ru static.wellsfargo.com
2	www.wellsfargo.com	agr456ibarn.ru
2	ajax.googleapis.com	storage.googleapis.com agr456ibarn.ru
1	col.eum-appdynamics.com	static.wellsfargo.com
1	awusw-wfr.advanced-web-analytics.com	connect.secure.wellsfargo.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	2549153.fls.doubleclick.net
1	cdn.jsdelivr.net	agr456ibarn.ru
1	stackpath.bootstrapcdn.com	agr456ibarn.ru
1	maxcdn.bootstrapcdn.com	agr456ibarn.ru
1	cdnjs.cloudflare.com	agr456ibarn.ru
1	code.jquery.com	agr456ibarn.ru
1	storage.googleapis.com
1	u22460067.ct.sendgrid.net	1 redirects
74	18

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.agr456ibarn.ru R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
www.wellsfargo.com DigiCert EV RSA CA G2	`2020-07-11` - `2022-07-20`	2 years	crt.sh
connect.secure.wellsfargo.com DigiCert EV RSA CA G2	`2020-07-09` - `2022-07-14`	2 years	crt.sh
www01.wellsfargomedia.com GeoTrust RSA CA 2018	`2021-04-30` - `2022-05-11`	a year	crt.sh
static.wellsfargo.com DigiCert EV RSA CA G2	`2020-07-11` - `2022-07-20`	2 years	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.advanced-web-analytics.com GeoTrust TLS RSA CA G1	`2020-05-31` - `2022-06-30`	2 years	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-14` - `2022-07-15`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html
Frame ID: 4C1EDF5338FF0F764223DD0A2616A7E5
Requests: 2 HTTP requests in this frame

Frame: https://agr456ibarn.ru/asdf/index.html
Frame ID: 10C9D143522D495AF51C866141E844B5
Requests: 65 HTTP requests in this frame

Frame: https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F
Frame ID: 2EC449FBD153293D4B1BB25A21FC04F5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F
Frame ID: 6652B4B07BAC57F2DCDE02296ECCDA17
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F
Frame ID: 7D40B5C79982F9F8F2270EB36CE1445B
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=https%3A%2F%2Fagr456ibarn.ru&t=xframe&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html&icid=162507185305875215
Frame ID: 36BC949DC347185829899DB9E51DFC6C
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=https%3A%2F%2Fagr456ibarn.ru&t=xframe&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html&icid=162507185305934716
Frame ID: EF57C90343C84578B1153310E0CCED2F
Requests: 1 HTTP requests in this frame

Frame: https://awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fagr456ibarn.ru&es=eyJpIjoiSE5wcFBjZUZnR2Z0Z2RCbTZoZ2N6UT09IiwiZSI6ImVKU3IwYVYwQlYzSEZyUHJSQUpQRWlYMHZCQkp2KzRHVjZsYXptXC8rMEh5VytNUFczeURVaFpSMlkzUVh0cGs4M3hxc2k0NDdkM21vS2JJZncyUEcxSGlcL1lZeWVlVnpKWVNYSUpLOVNvc0RsdkRuQnNLS0RpUkNwdlI2UGozeXZDbHZTRnFGdGRYYjhBWGQ3T2haMkhBPT0ifQ%3D%3D.238afc50bd3930ef.YTY4ZTg1MzZlN2U4MmYyY2MxODcwYWVjODlhYjBiNTg4YzEzOTA3YTBlNzk5NmEyNGNmMjI1YmQxMzkxZjQ5MA%3D%3D&re=https%3A%2F%2Fstorage.googleapis.com%2F&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html&icid=16250718530694479
Frame ID: 5635030E3AC1DFD2F589A3740B8C16D6
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=25d54f6905920eb4220c0f2921160222637828027d34029697817372e3de10e9
Frame ID: 76E4818248F24B40998BE71F16A71EF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u22460067.ct.sendgrid.net/ls/click?upn=10Q1qIMUTs0Vtc9wvWLp45MvLH7ckdbmBeEC5hWYHgJBqB47q6x-2B9az1N-2B9... HTTP 302
https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

74
Requests

95 %
HTTPS

50 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

999 kB
Transfer

1597 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u22460067.ct.sendgrid.net/ls/click?upn=10Q1qIMUTs0Vtc9wvWLp45MvLH7ckdbmBeEC5hWYHgJBqB47q6x-2B9az1N-2B9EFkzbcA5btHy0fG9KtBtzNP9uTKG9lgywZiVmydriSzGfQVk2S0DNG5gPL9ETXlwxPGKPMI1Z_pNWMkoQE-2FLkcuY2-2BWRez-2BsormVwzigl6A8zn3pc59KNGpATsHlHaiUHCMgabxbrJpCVlkL-2FXuYQ441nfDNDDipkh9NY6icZB-2BwXsSvl0SqH-2FA4VL4qLt89weNiMjaRzlNdqgwmzyirz-2BhSMNB5ORVCShNrn2WSugLwU7wQqfApQc8c2SzJainrU9r5S-2BwDzWde6gLw6kd6fwpDhklY6Na30AI8oFg-2Fn-2F-2FPs8qQJsXSU-3D HTTP 302
https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F HTTP 302
https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request kjnkjnjhbjg.html Show response
storage.googleapis.com/joe3oj3ejo3jo.appspot.com/
Redirect Chain

https://u22460067.ct.sendgrid.net/ls/click?upn=10Q1qIMUTs0Vtc9wvWLp45MvLH7ckdbmBeEC5hWYHgJBqB47q6x-2B9az1N-2B9EFkzbcA5btHy0fG9KtBtzNP9uTKG9lgywZiVmydriSzGfQVk2S0DNG5gPL9ETXlwxPGKPMI1Z_pNWMkoQE-2FLk...
https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html

1 KB
2 KB

26ms
6ms

Document
text/html

2a00:1450:4001:812::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: aafa65a876f3b1ad1421bfc23d787a4ab539bfa768ab662cbb20eb9c6105e867

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-guploader-uploadid: ADPycdtywoSnXW-21ZYKb_ZrYadd6dDt01-yoXrbzorj8xW-QTziVJDzkvqfqHN6117cvU4jwIUbWuLgaa5HfLf1rtA
expires: Wed, 30 Jun 2021 17:50:49 GMT
date: Wed, 30 Jun 2021 16:50:49 GMT
last-modified: Wed, 30 Jun 2021 10:33:45 GMT
etag: "cec28f62564481ca6520d9d1b8e0efcc"
x-goog-generation: 1625049225927327
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1450
x-goog-meta-firebasestoragedownloadtokens: c5b34177-bb43-441a-9fb1-f683527a2868
content-type: text/html
content-disposition: inline; filename*=utf-8''kjnkjnjhbjg.html
x-goog-hash: crc32c=xurU2g== md5=zsKPYlZEgcplINnRuODvzA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1450
server: UploadServer
cache-control: public, max-age=3600
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Server: nginx
Date: Wed, 30 Jun 2021 16:50:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 96
Connection: keep-alive
Location: https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html
X-Robots-Tag: noindex, nofollow

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 16:04:13 GMT

GET
H/1.1 200
OK index.html Show response
agr456ibarn.ru/asdf/ Frame 10C9 70 KB
71 KB 475ms
156ms Document
text/html 103.153.182.185
SNTHOSTINGS-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://agr456ibarn.ru/asdf/index.html
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/joe3oj3ejo3jo.appspot.com/kjnkjnjhbjg.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.182.185 Los Angeles, United States, ASN140947 (SNTHOSTINGS-AS-AP SnTHostings, IN),
Reverse DNS
Software: Apache /
Resource Hash: f752591c8d0812e6a253e9f8f25abf97319bdcffa1f573077e194a04942622b0

Request headers

Host: agr456ibarn.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://storage.googleapis.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://storage.googleapis.com/

Response headers

Date: Wed, 30 Jun 2021 16:50:51 GMT
Server: Apache
Last-Modified: Wed, 30 Jun 2021 10:30:44 GMT
Accept-Ranges: bytes
Content-Length: 72109
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK homepage_ret.css
www.wellsfargo.com/css/home/ Frame 10C9 51 KB
10 KB 670ms
158ms Stylesheet
text/css 159.45.170.145
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellsfargo.com/css/home/homepage_ret.css

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.145 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

439e6c4f53727e4e9508ecea1298f043e2850fefb140c3cd9eb15b330743d040

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 9890
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 19 May 2021 10:52:28 GMT
Server: KONICHIWA/2.0
ETag: "ccd2-5c2ac9f665300-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1800
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=46

GET
H/1.1 200
OK glu.js Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 65 KB
30 KB 731ms
196ms Script
application/x-javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/glu.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

a55538f049581421f442efc043eb45986bd6eb5e6211b1fcd3e576eebfe964cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK mint.js Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 74 KB
40 KB 201ms
196ms Script
application/x-javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.015450315346995147

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

94218373cdc5c78d8dcdf53313b3a99403e5fcc8ddba7a00abca7f9087e7a485

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK pic.js Show response
connect.secure.wellsfargo.com/PIDO/ Frame 10C9 64 KB
30 KB 195ms
194ms Script
application/x-javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.3389085886801675

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

7cbd736ef3eee64fe6920869e2f3c7956f149911f81bb1dde89cdb0d38b7a302

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK trx.js Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 91 KB
40 KB 711ms
187ms Script
application/x-javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/trx.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

26bb51f7ff7dd71260243ae7c86f83d119e46b5bc4702d7a4af8952b088db477

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK try.js Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 70 KB
32 KB 715ms
189ms Script
application/x-javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/try.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

e2c9b952639162af13b127d2b6d2000444b9287139105c6d481c736192abb136

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
Ok vyHb Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 130 B
880 B 288ms
194ms Script
text/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGJTIyJTdEJTdEJTJDJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cud2VsbHNmYXJnby5jb20lMkYlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuZ29vZ2xlLmNvbSUyRiUyMiUyQyUyMnBpZCUyMiUzQTgwMjY0MDc3NiUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0ExJTJDJTIydHMlMjIlM0ExNjI0Njg2MjM0JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E1OTYzMDklN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.wellsfargo.com&t=jsonp&__tp=login&c=ucrpzpematr_sekc&eu=https%3A%2F%2Fwww.wellsfargo.com%2F

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

fac226203051734cac4244b6ceb88da6c94ac7e24c4380f8b54141d54578cb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 130
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
Ok vyHb Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 121 B
871 B 376ms
190ms Script
text/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3FkYzhoZ2czaHhpaGFqM3EzcyUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fwww.wellsfargo.com&t=jsonp&__tp=login&c=xpxiyddqwwp_oykm&eu=https%3A%2F%2Fwww.wellsfargo.com%2F

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

e2734235f7829190dd899b5810be0af0a219171dc488fe723fc064ccba793dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 121
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
Ok ay6u Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 121 B
871 B 456ms
188ms Script
text/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyOCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJzJTIyJTNBJTIyNzFmZjBlY2UtZDFlMC00MGM0LWE5NTQtMTY5ZTFjMmRmNTNiJTIyJTdEJTdEJTVE&cid=28&si=3&e=https%3A%2F%2Fwww.wellsfargo.com&t=jsonp&__tp=login&c=ncxxxagnrmsrfhxf&eu=https%3A%2F%2Fwww.wellsfargo.com%2F

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

3cf56d5e50a0c5446f4ff17e0e058d5b7d76b051c42ea098ee226d1909c3391e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 121
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
Ok vyHb Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 120 B
870 B 405ms
192ms Script
text/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cud2VsbHNmYXJnby5jb20lMkYlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuZ29vZ2xlLmNvbSUyRiUyMiUyQyUyMnBpZCUyMiUzQTgwMjY0MDc3NiUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0EyJTJDJTIydHMlMjIlM0ExNjI0Njg2MjczJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5NTU3OTIlN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fwww.wellsfargo.com&t=jsonp&__tp=login&c=zwiaz_le_xrlmian&eu=https%3A%2F%2Fwww.wellsfargo.com%2F

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

88a670a53ad9e008854b684634fe432795ea34551b31470aec76b1b370ffd22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:52 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 120
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H2 200 homepage-horz-logo.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 5 KB
2 KB 53ms
7ms Image
image/svg+xml 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-128-179.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

780b98a3861aa8d4afe428953ad3b9e988a74cd5f064b4a1eb453f5d901221e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 16 May 2021 15:00:28 GMT
server: Akamai Resource Optimizer
etag: "15b8-5895bfcbfa2c0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=12422907
date: Wed, 30 Jun 2021 16:50:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1977
x-xss-protection: 1; mode=block
expires: Sun, 21 Nov 2021 11:39:19 GMT

GET
H2 200 homepage-lock.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 2 KB
975 B 14ms
9ms Image
image/svg+xml 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-128-179.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 03:50:14 GMT
server: Akamai Resource Optimizer
etag: "6f8-554880386bac0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=12422907
date: Wed, 30 Jun 2021 16:50:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 668
x-xss-protection: 1; mode=block
expires: Sun, 21 Nov 2021 11:39:19 GMT

GET
H/1.1 200
OK homepage-signon-lock.svg
www.wellsfargo.com/assets/images/css/template/homepage/ Frame 10C9 4 KB
4 KB 183ms
180ms Image
image/svg+xml 159.45.170.145
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wellsfargo.com/assets/images/css/template/homepage/homepage-signon-lock.svg

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.145 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Mar 2019 00:50:27 GMT
Server: KONICHIWA/2.0
ETag: "f91-5838a9bd97ac0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=15552000
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=54
Content-Length: 3985
X-XSS-Protection: 1; mode=block

GET
H2 200 home_sprite_image.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 11 KB
11 KB 41ms
36ms Image
image/png 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/css/template/homepage/home_sprite_image.png
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bad076c316b96cc04b2df0418f986f332e01ff6016eab56fa116a4ef4c9ca594

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 1247
etag: "2bdd-5adf72f0b78d8"
content-type: image/png
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:09 GMT
content-length: 11229
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 6825911_gettyimages-1153899955_img_hph_1200x532.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 44 KB
45 KB 56ms
52ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/6825911_gettyimages-1153899955_img_hph_1200x532.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 25a7b2470715372a0a94a6537d9bace902f317e038645f4cc867552e42e0162a

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:16 GMT
server: Akamai Image Manager
etag: "e10b-5bf55c8330276"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
content-length: 45290
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 wfi000_lg_b-wf-stagecoach_rednoborder_1200x532.gif
www01.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/ Frame 10C9 20 KB
20 KB 61ms
58ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/wfi000_lg_b-wf-stagecoach_rednoborder_1200x532.gif
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 810ea129e1e766e362f316f0605f1d3938e2feb01e4d6643d2645b51f3a8d3b8

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:10 GMT
server: Akamai Image Manager
etag: "73a4-58b5cbf29e800"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 20748
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 wfic765_pg_1200x532.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 56 KB
56 KB 66ms
62ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/wfic765_pg_1200x532.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8d065126eb6eef432a47f7597e58dca37cc1667e7a20c97ff59ed73ff6fbf4fb

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:13 GMT
server: Akamai Image Manager
etag: "edb9-5b5fcbf910579"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
content-length: 57291
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 icon-marquee-dot-active.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 578 B
606 B 51ms
48ms Image
image/svg+xml 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icon-marquee-dot-active.svg

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-128-179.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

004590468c4ed29e2b9ac5192217c685059d0d623e4398c49cdb4a0b5a386831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 03:51:26 GMT
server: Akamai Resource Optimizer
etag: "242-5838a9bd97ac0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=12422913
date: Wed, 30 Jun 2021 16:50:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 299
x-xss-protection: 1; mode=block
expires: Sun, 21 Nov 2021 11:39:25 GMT

GET
H2 200 icon-marquee-dot-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 587 B
604 B 53ms
50ms Image
image/svg+xml 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icon-marquee-dot-inactive.svg

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-128-179.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

16b5311ddbd849fd1808d3d855f79d9640417d7c65714ffec6f6bb6f17416883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:22:05 GMT
server: Akamai Resource Optimizer
etag: "24b-5838a9bd97ac0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=12422913
date: Wed, 30 Jun 2021 16:50:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 297
x-xss-protection: 1; mode=block
expires: Sun, 21 Nov 2021 11:39:25 GMT

GET
H2 200 task_icon_house_50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/ Frame 10C9 584 B
774 B 27ms
23ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/task_icon_house_50x50.png
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 53f20554e5a8e812764c7e8241e14c9117d2197e00f1b87248bf458aa8e55caa

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:10 GMT
server: Akamai Image Manager
etag: "745-5a9edb120b8c5"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 584
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 task_icon_credit-card_50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/ Frame 10C9 516 B
736 B 31ms
27ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/task_icon_credit-card_50x50.png
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 14ebe41c047e0cfca8e17b68f81bc0f980b75321c35d784360cf3491b1f9a06d

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 2020
etag: "6d2-5a9edb120b8c5"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:09 GMT
content-length: 516
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 task_icon_laptop-50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/ Frame 10C9 540 B
758 B 15ms
10ms Image
image/png 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/task_icon_laptop-50x50.png
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ae6dd562558a0d6e692c910de53486132faa5c6ae81d0e85d67ba7f26b789a7f

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 93
etag: "31a-5a9edb120b4dd"
content-type: image/png
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:10 GMT
content-length: 540
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 task-icon-account-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 960 B
1 KB 42ms
39ms Image
image/png 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/task-icon-account-50x50.png
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8dd5481f66610c830acc8ed072d8b7bfe7ddc27dc3d58c6651112d79b3c2f670

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 1019
etag: "4fd-5838a9bd97ac0"
content-type: image/png
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:10 GMT
content-length: 960
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 task-icon-rates-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 1 KB
2 KB 45ms
42ms Image
image/png 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/task-icon-rates-50x50.png
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7926323a712a1fa861283bbdbde6f6df758e3a39c418fe1459f2b5dbe18102be

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:15 GMT
server: Akamai Image Manager
etag: "a0a-5838a9bd97ac0"
content-type: image/png
cache-control: private, no-transform, max-age=15552000
content-length: 1408
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 FICO-phone-borrowing-and-credit-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ Frame 10C9 26 KB
27 KB 35ms
31ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/FICO-phone-borrowing-and-credit-970x485.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 09504bdecbf274d2b3322b86c6cc699a186b4656cc220d563fcbfb08df220b08

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:11 GMT
server: Akamai Image Manager
etag: "8a28-5838a9bd97ac0"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 26996
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 paying-phone-beach-banking-made-easy-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ Frame 10C9 33 KB
33 KB 69ms
66ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/paying-phone-beach-banking-made-easy-970x485.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 1401
etag: "8326-5838a9bd97ac0"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:13 GMT
content-length: 33574
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 couple-beach-retirement-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ Frame 10C9 31 KB
31 KB 71ms
68ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/couple-beach-retirement-970x485.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: aee5245049750ff1e0f9368e3f69e0804e637539bb95c22db5325f884fbe5e9e

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:12 GMT
server: Akamai Image Manager
etag: "8275-5838a9bd97ac0"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 31394
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 couple-moving-in-homelending-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ Frame 10C9 34 KB
34 KB 74ms
71ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/couple-moving-in-homelending-970x485.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 1611
etag: "875e-5838a9bd97ac0"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:12 GMT
content-length: 34654
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 student-graduation-going-to-college-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ Frame 10C9 34 KB
35 KB 76ms
73ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/student-graduation-going-to-college-970x485.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 974
etag: "891b-5838a9bd97ac0"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:19 GMT
content-length: 35099
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 woman-tablet-investing-basics-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ Frame 10C9 28 KB
28 KB 79ms
76ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/woman-tablet-investing-basics-970x485.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: eb38bf6136b9b597e78c4a80f041d4e3bbc9231b348e999ba5aa1e52ec2bbd0f

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:13 GMT
server: Akamai Image Manager
etag: "7fe5-5838a9bd97ac0"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 28720
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 woman_checking_tablet_device.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ Frame 10C9 28 KB
29 KB 83ms
80ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/woman_checking_tablet_device.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d510b44eb432254133e3a77667c96ea0eee0a356614ef7938c0cab6b5d7fbcd9

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:11 GMT
server: Akamai Image Manager
etag: "7cbf-5b1002fe7391c"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
content-length: 29069
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 6818104_gettyimages-890847206_489_234.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 14 KB
15 KB 85ms
82ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/6818104_gettyimages-890847206_489_234.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 395
etag: "7237-5bf55c833065e"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:13 GMT
content-length: 14770
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 wfi111_ph_hre_default1_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 10 KB
10 KB 88ms
85ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/wfi111_ph_hre_default1_304x194.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 2af5bcc0ab347f0e039ec86b4f0a5f2fb506ef539c284331b5e8e78f3f94badc

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 1182
etag: "2c51-5548803b48180"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:16 GMT
content-length: 10061
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 wfic693_ph_b-jk_1027_3356_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 9 KB
9 KB 90ms
87ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/wfic693_ph_b-jk_1027_3356_304x194.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fbe240520ac06a89f4bc6dd3bd580d5ee2ffa5c2adcf8f5934abf16ac8eeccd3

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:15 GMT
server: Akamai Image Manager
etag: "9ba7-5aceb06e0b615"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 9458
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 wfi111_ph_hre_default3_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 14 KB
14 KB 92ms
89ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/wfi111_ph_hre_default3_304x194.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
x-check-cacheable: YES
x-serial: 565
etag: "3852-5548803b48180"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
last-modified: Thu, 24 Jun 2021 01:40:10 GMT
content-length: 14418
server: Akamai Image Manager
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 wells-fargo-volunteer-gardening_414x240.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/ Frame 10C9 25 KB
25 KB 94ms
91ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/wells-fargo-volunteer-gardening_414x240.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4519a61d26f153bd19bda2ffdca5d102c56d61f6f5ef6f29727ca878f6ea1947

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:20 GMT
server: Akamai Image Manager
etag: "6b61-590dc93c63a80"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
content-length: 25210
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 stagecoach-two-drivers-field-green-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 27 KB
28 KB 97ms
94ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/stagecoach-two-drivers-field-green-414x240.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 96c235d6343aaa272187a96413ebbd8fa15417c7591c02cf0d79fee2e03dfbbe

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:17 GMT
server: Akamai Image Manager
etag: "6d98-5548803e24840"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
content-length: 28056
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 redress_414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 18 KB
18 KB 99ms
96ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/redress_414x240.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 37822f946f1b79d00138a6e027d921492874dc7a79882dc5934277cccbd194b9

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:10 GMT
server: Akamai Image Manager
etag: "7595-582ce82ed0ac0"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 18586
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 three-men-volunteer-house-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 24 KB
24 KB 102ms
99ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/three-men-volunteer-house-414x240.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c550a26340fc6971f4767d351ae9c987603d3f5cf3cb18e91e3164d5fdca8be5

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:15 GMT
server: Akamai Image Manager
etag: "5eee-5548803e24840"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
content-length: 24302
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 woman-sitting-chair-tablet-screenshot-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ Frame 10C9 12 KB
12 KB 105ms
102ms Image
image/jpeg 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/homepage/woman-sitting-chair-tablet-screenshot-414x240.jpg
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3809cf83b36ac6b2f21dc1b73e22d2e594acf734d71e348dbd7f66ea38bfc658

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:10 GMT
server: Akamai Image Manager
etag: "2f6f-5548803e24840"
content-type: image/jpeg
cache-control: private, no-transform, max-age=15552000
content-length: 12143
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H/1.1 404
Not Found s.gif
agr456ibarn.ru/assets/images/global/ Frame 10C9 315 B
315 B 218ms
152ms Image
text/html 103.153.182.185
SNTHOSTINGS-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agr456ibarn.ru/assets/images/global/s.gif?log=1&cb=1624686208532&jsLogging=iaCallLog
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.182.185 Los Angeles, United States, ASN140947 (SNTHOSTINGS-AS-AP SnTHostings, IN),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://agr456ibarn.ru/asdf/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK accounts-cache.js Show response
connect.secure.wellsfargo.com/accounts/static/7M/accounts/ Frame 10C9 1 KB
1 KB 121ms
121ms Script
application/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/accounts-cache.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

61ef7eb31d050412a1496488170cc4a2583fdcd11e12fc2a3a57095f687e669f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 532
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 08 Apr 2021 21:19:22 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "43a-5bf7c99e00a80-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=10368000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=53

GET
H/1.1 200
OK adrum-ext.js Show response
static.wellsfargo.com/assets/js/wfui/appdynamics/ Frame 10C9 44 KB
15 KB 543ms
126ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 14304
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "b11c-5bd1ed5b17b0b-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=92

GET
H/1.1 404
Not Found roll.js
agr456ibarn.ru/asdf/ Frame 10C9 0
0 157ms
152ms Script
text/html 103.153.182.185
SNTHOSTINGS-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://agr456ibarn.ru/asdf/roll.js
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.182.185 Los Angeles, United States, ASN140947 (SNTHOSTINGS-AS-AP SnTHostings, IN),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://agr456ibarn.ru/asdf/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ Frame 10C9 68 KB
24 KB 28ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Origin: https://agr456ibarn.ru
Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-10fdd"
vary: Accept-Encoding
x-hw: 1625071852.dop051.fr8.t,1625071852.cds216.fr8.hn,1625071852.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ Frame 10C9 19 KB
6 KB 21ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://agr456ibarn.ru
Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3014703
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6157
cf-request-id: 0aff6db2e9000063b3401ad000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jF744qbVHTToNUyW4XiTt%2Fm2WcvtryD1UCpnhvh7C7lxCDDg78ERZTkNrVm46O20NVJwFZ%2BvC1aCk2JNSZNOn9OJuScM54VGvL12sRQBkpoecypIGCHZ8SgkG7iWLA1TZEos3M%2BVYiPhndJjhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6678e564af3363b3-FRA
expires: Mon, 20 Jun 2022 16:50:52 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ Frame 10C9 48 KB
13 KB 77ms
57ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://agr456ibarn.ru
Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 12:52:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aff6db3000000d721c1ad8000000001
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d59f55a64d63f0e0ff3eb77cd9de3d72
cf-ray: 6678e564b93bd721-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 10C9 84 KB
29 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 16:11:48 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ Frame 10C9 50 KB
14 KB 36ms
16ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 718
age: 8624569
cdn-cachedat: 2021-03-11 11:57:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aff6db2f800004e0edf02d000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 48f4598378fe1b699fcee6ac68d6cc25
cf-ray: 6678e564c8874e0e-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.session.min.js Show response
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ Frame 10C9 2 KB
1 KB 10ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 463130
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 933
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
x-served-by: cache-fra19137-FRA
date: Wed, 30 Jun 2021 16:50:52 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 homepage-magnifying-glass.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 236 B
426 B 48ms
46ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
Requested by: Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8dc5436dce4423f0e53e85904b6dc0552c1c8bbde0dd4ec1c929a1c272201c4c

Request headers

Referer: https://www.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:15 GMT
server: Akamai Image Manager
etag: "12e-559997c5ea8c0"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 236
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 alert-icon.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 2 KB
1 KB 105ms
103ms Image
image/svg+xml 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/alert-icon.svg

Requested by

Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-128-179.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

649dcf3e5665f599b97ab67a10b75f7f1246378806c243c22a6a4130aa12e622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 13:41:38 GMT
server: Akamai Resource Optimizer
etag: "731-5a5af660e87e9"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=12422907
date: Wed, 30 Jun 2021 16:50:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 736
x-xss-protection: 1; mode=block
expires: Sun, 21 Nov 2021 11:39:19 GMT

GET
H2 200 chevron-right-blue.png
www01.wellsfargomedia.com/assets/images/css/template/ Frame 10C9 140 B
329 B 107ms
105ms Image
image/webp 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png
Requested by: Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-128-179.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 15edc68516d9016f5df0651edcd4eedfd5c2f440d85f932f7a2b973b70d37883

Request headers

Referer: https://www.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 16:50:52 GMT
last-modified: Thu, 24 Jun 2021 01:40:12 GMT
server: Akamai Image Manager
etag: "3fc-4dd7c48542580"
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
content-length: 140
expires: Mon, 27 Dec 2021 16:50:52 GMT

GET
H2 200 icn-uti-checkbox.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ Frame 10C9 728 B
647 B 11ms
6ms Image
image/svg+xml 23.79.128.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icn-uti-checkbox.svg

Requested by

Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.128.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-128-179.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

d6f9a6d48f3d43b2f7004bb3f1bea032abe36c545087c45907bf36f6d1949bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 16 May 2021 04:20:52 GMT
server: Akamai Resource Optimizer
etag: "2d8-5838a9bd97ac0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=12422907
date: Wed, 30 Jun 2021 16:50:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 340
x-xss-protection: 1; mode=block
expires: Sun, 21 Nov 2021 11:39:19 GMT

GET runtime.003a2b7993f17cc44b75.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/ Frame 10C9 0
0

GET vendor.de4b09099d66e8ac224c.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/ Frame 10C9 0
0

GET main.05b469655774f03111d9.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/ Frame 10C9 0
0

GET main.3ce9bbaf67774cfc4e2572c4f9c5b655.css
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/ Frame 10C9 0
0

GET
H3-29

200

activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u2... Show response
2549153.fls.doubleclick.net/ Frame 2EC4
Redirect Chain

https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;...
https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039...

553 B
459 B

35ms
20ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?

Requested by

Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

8fbcbbda037908b17d77b8736808319773cdd085b30e0ada697bfd662555fefa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2549153.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agr456ibarn.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agr456ibarn.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Jun 2021 16:50:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 434
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Jun-2021 17:05:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Jun 2021 16:50:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 404
Not Found roll.js
agr456ibarn.ru/asdf/ Frame 10C9 0
0 153ms
153ms Script
text/html 103.153.182.185
SNTHOSTINGS-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://agr456ibarn.ru/asdf/roll.js
Requested by: Host: agr456ibarn.ru
URL: https://agr456ibarn.ru/asdf/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.182.185 Los Angeles, United States, ASN140947 (SNTHOSTINGS-AS-AP SnTHostings, IN),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://agr456ibarn.ru/asdf/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;... Show response
adservice.google.com/ddm/fls/i/ Frame 6652 552 B
925 B 61ms
42ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F

Requested by

Host: 2549153.fls.doubleclick.net
URL: https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc1212405fbd51a3f9c35014151abdb174e9aad8c9f9df098c49cf8c82d26e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Jun 2021 16:50:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 435
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;... Show response
adservice.google.de/ddm/fls/i/ Frame 7D40 194 B
931 B 62ms
42ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CLmAmbTov_ECFU0DBgAdIbEIYA;src=2549153;type=allv40;cat=all_a00;ord=7751603161285;gtm=2od2o0;auiddc=1937425834.1624686246;u1=11202106252243191039646572;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Jun 2021 16:50:53 GMT
expires: Wed, 30 Jun 2021 16:50:53 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
Ok vyHb Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 89 B
838 B 201ms
201ms Script
text/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnN0b3JhZ2UuZ29vZ2xlYXBpcy5jb20lMkYlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmFncjQ1NmliYXJuLnJ1JTJGYXNkZiUyRmluZGV4Lmh0bWwlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzdG9yYWdlLmdvb2dsZWFwaXMuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTY0MTQwNjk2JTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTElMkMlMjJ0cyUyMiUzQTE2MjUwNzE4NTMlMkMlMjJyYW5kJTIyJTNBMjQ1NjElN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fagr456ibarn.ru&t=jsonp&c=bokenrrgvk_cxnzp&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

142eeea1eb5dec659d5c329198c4184556dff8099e41376d4f03d1bb13872041

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:53 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 89
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK adrum-ext.b4436be974de477658d4a93afb752165.js Show response
static.wellsfargo.com/assets/js/wfui/appdynamics/ Frame 10C9 47 KB
16 KB 130ms
130ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 16:50:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 15970
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "bbed-5bcaa756e6628-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=93

GET
H/1.1 200
OK elegant.html Show response
connect.secure.wellsfargo.com/AIDO/ Frame 36BC 61 KB
28 KB 188ms
188ms Document
text/html 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=https%3A%2F%2Fagr456ibarn.ru&t=xframe&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html&icid=162507185305875215

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

9978212d87276cb8fac8cc7305a1ccf73121e0b30afea258b0ce66cbceb34d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://agr456ibarn.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agr456ibarn.ru/

Response headers

Server: KONICHIWA/1.1
Date: Wed, 30 Jun 2021 16:50:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
max-age: 0
Expires: -1
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Set-cookie: ISD_ABC_COOKIE=A; Max-Age=2400; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

GET
H/1.1 200
OK / Show response
connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secu... Frame EF57 56 KB
25 KB 192ms
191ms Document
text/html 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=https%3A%2F%2Fagr456ibarn.ru&t=xframe&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html&icid=162507185305934716

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

35225bba0fd74c52d16a95ef6b3f69a392df755769ff9a0c19a9b3ca85c65cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://agr456ibarn.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agr456ibarn.ru/

Response headers

Server: KONICHIWA/1.1
Date: Wed, 30 Jun 2021 16:50:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
max-age: 0
Expires: -1
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Set-cookie: ISD_ABC_COOKIE=A; Max-Age=2400; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

GET
H2 200 mech.html Show response
awusw-wfr.advanced-web-analytics.com/AIDO/ Frame 5635 0
449 B 523ms
167ms Document
text/html 54.241.164.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fagr456ibarn.ru&es=eyJpIjoiSE5wcFBjZUZnR2Z0Z2RCbTZoZ2N6UT09IiwiZSI6ImVKU3IwYVYwQlYzSEZyUHJSQUpQRWlYMHZCQkp2KzRHVjZsYXptXC8rMEh5VytNUFczeURVaFpSMlkzUVh0cGs4M3hxc2k0NDdkM21vS2JJZncyUEcxSGlcL1lZeWVlVnpKWVNYSUpLOVNvc0RsdkRuQnNLS0RpUkNwdlI2UGozeXZDbHZTRnFGdGRYYjhBWGQ3T2haMkhBPT0ifQ%3D%3D.238afc50bd3930ef.YTY4ZTg1MzZlN2U4MmYyY2MxODcwYWVjODlhYjBiNTg4YzEzOTA3YTBlNzk5NmEyNGNmMjI1YmQxMzkxZjQ5MA%3D%3D&re=https%3A%2F%2Fstorage.googleapis.com%2F&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html&icid=16250718530694479
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.164.141 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: haile /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: awusw-wfr.advanced-web-analytics.com
:scheme: https
:path: /AIDO/mech.html?e=https%3A%2F%2Fagr456ibarn.ru&es=eyJpIjoiSE5wcFBjZUZnR2Z0Z2RCbTZoZ2N6UT09IiwiZSI6ImVKU3IwYVYwQlYzSEZyUHJSQUpQRWlYMHZCQkp2KzRHVjZsYXptXC8rMEh5VytNUFczeURVaFpSMlkzUVh0cGs4M3hxc2k0NDdkM21vS2JJZncyUEcxSGlcL1lZeWVlVnpKWVNYSUpLOVNvc0RsdkRuQnNLS0RpUkNwdlI2UGozeXZDbHZTRnFGdGRYYjhBWGQ3T2haMkhBPT0ifQ%3D%3D.238afc50bd3930ef.YTY4ZTg1MzZlN2U4MmYyY2MxODcwYWVjODlhYjBiNTg4YzEzOTA3YTBlNzk5NmEyNGNmMjI1YmQxMzkxZjQ5MA%3D%3D&re=https%3A%2F%2Fstorage.googleapis.com%2F&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html&icid=16250718530694479
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agr456ibarn.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agr456ibarn.ru/

Response headers

date: Wed, 30 Jun 2021 16:50:53 GMT
content-type: text/html
content-length: 0
server: haile
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"

GET
H/1.1 200
OK gateway.html Show response
connect.secure.wellsfargo.com/AIDO/ Frame 76E4 21 KB
10 KB 179ms
179ms Document
text/html 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=25d54f6905920eb4220c0f2921160222637828027d34029697817372e3de10e9

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

dd3b7d6bafdce2c4404852e294d95310f8bbbfdbdc59210d0ab630a57d81ba79

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Host: connect.secure.wellsfargo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://agr456ibarn.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agr456ibarn.ru/

Response headers

Server: KONICHIWA/1.1
Date: Wed, 30 Jun 2021 16:50:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
max-age: 0
Expires: Wed, 30 Jun 2021 17:50:53 GMT
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
Cache-Control: private, max-age=3600
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Set-cookie: ISD_ABC_COOKIE=A; Max-Age=2400; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

GET
H/1.1 200
Ok ay6u Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 80 B
829 B 193ms
193ms Script
text/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIzNCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZCUyMiUzQSU3QiUyMnBzZCUyMiUzQSU3QiUyMjE4ODI2MTMzMDAlMjIlM0ElN0IlMjJwJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZ3I0NTZpYmFybi5ydSUyRmFzZGYlMkZpbmRleC5odG1sJTIyJTJDJTIyZmslMjIlM0ElMjJ0cnkuanMlMjIlMkMlMjJ0YWslMjIlM0ElMjJOJTJGQSUyMiUyQyUyMmJjYiUyMiUzQSU1QiUyMjQlMjIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTJDJTIycmVwJTIyJTNBJTdCJTIyYmNiJTIyJTNBJTVCJTVEJTJDJTIybWYlMjIlM0ElNUIlNUQlMkMlMjJkcyUyMiUzQSU1QiU1RCU3RCU3RCU3RCU3RCU3RCU3RCU1RA%3D%3D&cid=34&si=3&e=https%3A%2F%2Fagr456ibarn.ru&t=jsonp&c=icevzwsxgolyrmpn&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

53b65957973ddfa3891f06f5449e1e3456b18177c7128116f2d5ccdfc5ef1576

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:54 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 80
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/ Frame 10C9 0
1 KB 707ms
157ms XHR
text/html 54.68.225.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/adrum

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.225.43 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 16:50:54 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

GET
H/1.1 200
Ok vyHb Show response
connect.secure.wellsfargo.com/AIDO/ Frame 10C9 80 B
829 B 193ms
193ms Script
text/javascript 159.45.2.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3FqcHRvZjNuY2VyYnE4djFxYiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fagr456ibarn.ru&t=jsonp&c=_tbnterrwplqtdne&eu=https%3A%2F%2Fagr456ibarn.ru%2Fasdf%2Findex.html

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

55460604d8c4225f477018568460a4ee889a0e3afd752a85b1c889acfaf2a6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agr456ibarn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 16:50:55 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 80
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.003a2b7993f17cc44b75.js

Domain: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.de4b09099d66e8ac224c.js

Domain: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.05b469655774f03111d9.js

Domain: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.3ce9bbaf67774cfc4e2572c4f9c5b655.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 19:24:32	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js(Line 2) Message: AppDynamics EUM cloud application key missing. Please specify window['adrum-app-key']

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2549153.fls.doubleclick.net
adservice.google.com
adservice.google.de
agr456ibarn.ru
ajax.googleapis.com
awusw-wfr.advanced-web-analytics.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
col.eum-appdynamics.com
connect.secure.wellsfargo.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
static.wellsfargo.com
storage.googleapis.com
u22460067.ct.sendgrid.net
www.wellsfargo.com
www01.wellsfargomedia.com
connect.secure.wellsfargo.com
103.153.182.185
142.250.185.70
159.45.170.145
159.45.2.156
159.45.66.178
167.89.118.35
2001:4de0:ac18::1:a:2a
23.79.128.179
2606:4700::6810:135e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:803::200a
2a00:1450:4001:812::2010
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2002
2a04:4e42:3::485
54.241.164.141
54.68.225.43
004590468c4ed29e2b9ac5192217c685059d0d623e4398c49cdb4a0b5a386831
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09504bdecbf274d2b3322b86c6cc699a186b4656cc220d563fcbfb08df220b08
142eeea1eb5dec659d5c329198c4184556dff8099e41376d4f03d1bb13872041
14ebe41c047e0cfca8e17b68f81bc0f980b75321c35d784360cf3491b1f9a06d
15edc68516d9016f5df0651edcd4eedfd5c2f440d85f932f7a2b973b70d37883
16b5311ddbd849fd1808d3d855f79d9640417d7c65714ffec6f6bb6f17416883
25a7b2470715372a0a94a6537d9bace902f317e038645f4cc867552e42e0162a
26bb51f7ff7dd71260243ae7c86f83d119e46b5bc4702d7a4af8952b088db477
2af5bcc0ab347f0e039ec86b4f0a5f2fb506ef539c284331b5e8e78f3f94badc
34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1
35225bba0fd74c52d16a95ef6b3f69a392df755769ff9a0c19a9b3ca85c65cd6
37822f946f1b79d00138a6e027d921492874dc7a79882dc5934277cccbd194b9
3809cf83b36ac6b2f21dc1b73e22d2e594acf734d71e348dbd7f66ea38bfc658
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
3cf56d5e50a0c5446f4ff17e0e058d5b7d76b051c42ea098ee226d1909c3391e
439e6c4f53727e4e9508ecea1298f043e2850fefb140c3cd9eb15b330743d040
4519a61d26f153bd19bda2ffdca5d102c56d61f6f5ef6f29727ca878f6ea1947
53b65957973ddfa3891f06f5449e1e3456b18177c7128116f2d5ccdfc5ef1576
53f20554e5a8e812764c7e8241e14c9117d2197e00f1b87248bf458aa8e55caa
55460604d8c4225f477018568460a4ee889a0e3afd752a85b1c889acfaf2a6b3
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66
61ef7eb31d050412a1496488170cc4a2583fdcd11e12fc2a3a57095f687e669f
649dcf3e5665f599b97ab67a10b75f7f1246378806c243c22a6a4130aa12e622
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
780b98a3861aa8d4afe428953ad3b9e988a74cd5f064b4a1eb453f5d901221e7
7926323a712a1fa861283bbdbde6f6df758e3a39c418fe1459f2b5dbe18102be
7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
7cbd736ef3eee64fe6920869e2f3c7956f149911f81bb1dde89cdb0d38b7a302
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
810ea129e1e766e362f316f0605f1d3938e2feb01e4d6643d2645b51f3a8d3b8
88a670a53ad9e008854b684634fe432795ea34551b31470aec76b1b370ffd22b
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8d065126eb6eef432a47f7597e58dca37cc1667e7a20c97ff59ed73ff6fbf4fb
8dc5436dce4423f0e53e85904b6dc0552c1c8bbde0dd4ec1c929a1c272201c4c
8dd5481f66610c830acc8ed072d8b7bfe7ddc27dc3d58c6651112d79b3c2f670
8fbcbbda037908b17d77b8736808319773cdd085b30e0ada697bfd662555fefa
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
94218373cdc5c78d8dcdf53313b3a99403e5fcc8ddba7a00abca7f9087e7a485
96c235d6343aaa272187a96413ebbd8fa15417c7591c02cf0d79fee2e03dfbbe
9978212d87276cb8fac8cc7305a1ccf73121e0b30afea258b0ce66cbceb34d83
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a55538f049581421f442efc043eb45986bd6eb5e6211b1fcd3e576eebfe964cd
aafa65a876f3b1ad1421bfc23d787a4ab539bfa768ab662cbb20eb9c6105e867
ae6dd562558a0d6e692c910de53486132faa5c6ae81d0e85d67ba7f26b789a7f
aee5245049750ff1e0f9368e3f69e0804e637539bb95c22db5325f884fbe5e9e
bad076c316b96cc04b2df0418f986f332e01ff6016eab56fa116a4ef4c9ca594
bc1212405fbd51a3f9c35014151abdb174e9aad8c9f9df098c49cf8c82d26e7d
c550a26340fc6971f4767d351ae9c987603d3f5cf3cb18e91e3164d5fdca8be5
cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c
d510b44eb432254133e3a77667c96ea0eee0a356614ef7938c0cab6b5d7fbcd9
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6f9a6d48f3d43b2f7004bb3f1bea032abe36c545087c45907bf36f6d1949bc6
d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df
dd3b7d6bafdce2c4404852e294d95310f8bbbfdbdc59210d0ab630a57d81ba79
e2734235f7829190dd899b5810be0af0a219171dc488fe723fc064ccba793dc9
e2c9b952639162af13b127d2b6d2000444b9287139105c6d481c736192abb136
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61
eb38bf6136b9b597e78c4a80f041d4e3bbc9231b348e999ba5aa1e52ec2bbd0f
f752591c8d0812e6a253e9f8f25abf97319bdcffa1f573077e194a04942622b0
fac226203051734cac4244b6ceb88da6c94ac7e24c4380f8b54141d54578cb33
fbe240520ac06a89f4bc6dd3bd580d5ee2ffa5c2adcf8f5934abf16ac8eeccd3

storage.googleapis.com Open in urlscan Pro 2a00:1450:4001:812::2010 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

95 %HTTPS

50 %IPv6

14 Domains

18 Subdomains

18 IPs

3 Countries

999 kBTransfer

1597 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

storage.googleapis.com Open in urlscan Pro
2a00:1450:4001:812::2010 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

95 %
HTTPS

50 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

999 kB
Transfer

1597 kB
Size

1
Cookies

74 HTTP transactions
0 data transactions