Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://getwellslogsnowonline.vercel.app/

Overview

General Information

Sample URL:https://getwellslogsnowonline.vercel.app/
Analysis ID:1604811
Infos:
Errors
  • URL not reachable

Detection

Score:64
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
HTML body contains low number of good links
HTML title does not match URL
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 6460 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 6732 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1980,i,686530358897787946,159423849547294936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • chrome.exe (PID: 1812 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://getwellslogsnowonline.vercel.app/" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://getwellslogsnowonline.vercel.app/Avira URL Cloud: detection malicious, Label: phishing
Antivirus detection for URL or domain
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854945&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/favicon_48x48.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839538&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/tick.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/position-3-bg-gradient.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854942&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/bg.jpgAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839527&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839534&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854954&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/target/offers/conversationsAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854943&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/js/wfui-container-bottom.js/assets/js/wfui/ndep/websdk/nuance-websdk-loader.jsAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-sbd.woff2Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854946&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOfferAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/wf_logo_220x23.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/HYeWm0Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-lt.woff2Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839532&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/bg2.jpgAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839523&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOPAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854948&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854940&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-bd.woff2Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453864077&event=LinkActivated&eventType=click&eventDescription=SubmitSignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8&linkText=Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/auth/login/static/js/general_alt.js?1jsAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839526&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/responsive-sprite-v10.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839529&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854947&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839536&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839535&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/box.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/position-2-bg-gradient.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/favicon.icoAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854951&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-rg.woff2Avira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/images/home.pngAvira URL Cloud: Label: phishing
Source: https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854950&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2Avira URL Cloud: Label: phishing

Phishing

barindex
AI detected phishing page
Source: https://getwellslogsnowonline.vercel.app/Joe Sandbox AI: Score: 9 Reasons: The brand 'Wells Fargo' is a well-known financial institution., The legitimate domain for Wells Fargo is 'wellsfargo.com'., The URL 'getwellslogsnowonline.vercel.app' does not match the legitimate domain., The URL contains suspicious elements such as 'getwellslogsnowonline', which is not associated with Wells Fargo., The use of 'vercel.app' as a domain extension is unusual for a financial institution like Wells Fargo., The presence of input fields for 'Username' and 'Password' on a non-legitimate domain is a common phishing tactic. DOM: 1.0.pages.csv
Source: https://getwellslogsnowonline.vercel.app/error.htmlJoe Sandbox AI: Score: 9 Reasons: The brand 'Wells Fargo' is a well-known financial institution., The legitimate domain for Wells Fargo is 'wellsfargo.com'., The URL 'getwellslogsnowonline.vercel.app' does not match the legitimate domain., The URL contains suspicious elements such as 'getwellslogsnowonline', which is not associated with Wells Fargo., The use of 'vercel.app' as a domain extension is unusual for a financial institution like Wells Fargo., The presence of input fields for 'Username' and 'Password' on a non-legitimate domain is a common phishing tactic. DOM: 2.1.pages.csv
Source: https://getwellslogsnowonline.vercel.app/error.htmlJoe Sandbox AI: Score: 9 Reasons: The brand 'Wells Fargo' is a well-known financial institution with a legitimate domain of 'wellsfargo.com'., The URL 'getwellslogsnowonline.vercel.app' does not match the legitimate domain of Wells Fargo., The URL contains suspicious elements such as 'getwellslogsnowonline', which is not associated with Wells Fargo., The use of 'vercel.app' as a domain extension is unusual for a financial institution like Wells Fargo., The presence of input fields for 'Username' and 'Password' on a non-legitimate domain is a common phishing tactic. DOM: 2.4.pages.csv
Source: https://getwellslogsnowonline.vercel.app/HTTP Parser: Number of links: 0
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: Number of links: 0
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: Title: Error does not match URL
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: Iframe src: https://t.dtscout.com/idg/?su=51A01738453856FF81C4B374F5DED806
Source: https://getwellslogsnowonline.vercel.app/HTTP Parser: <input type="password" .../> found
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: <input type="password" .../> found
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: No favicon
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: No favicon
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: No favicon
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: No favicon
Source: https://getwellslogsnowonline.vercel.app/HTTP Parser: No <meta name="author".. found
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: No <meta name="author".. found
Source: https://getwellslogsnowonline.vercel.app/HTTP Parser: No <meta name="copyright".. found
Source: https://getwellslogsnowonline.vercel.app/error.htmlHTTP Parser: No <meta name="copyright".. found
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.55
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.55
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.55
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.55
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/general_alt.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /css/ps-homepage.ae488a2de98b84f77de2.css HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/homepage_iaoffer.e2e5b96e43979f8bc7a0.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/bg.jpg HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/wf_logo_220x23.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/general_alt.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/ps-homepage.a6e0fae1893ddffe12f0.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/bg.jpg HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/wellsfargosans-rg.woff2 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://getwellslogsnowonline.vercel.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/wf_logo_220x23.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/homepage_iaoffer.e2e5b96e43979f8bc7a0.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/wellsfargosans-sbd.woff2 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://getwellslogsnowonline.vercel.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/wellsfargosans-bd.woff2 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://getwellslogsnowonline.vercel.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/wellsfargosans-lt.woff2 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://getwellslogsnowonline.vercel.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/responsive-sprite-v10.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/ps-homepage.a6e0fae1893ddffe12f0.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full
Source: global trafficHTTP traffic detected: GET /images/position-1-bg-gradient.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/position-2-bg-gradient.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/position-3-bg-gradient.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/home.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /js/wfui-container-bottom.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /HYeWm0 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/position-1-bg-gradient.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/position-2-bg-gradient.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /auth/login/static/js/general_alt.js?async&seed=AEDDddqMAQAAuz2kldGkNWGi1YziXvZwTBGqewHhZCxfwmQxhETua2vL7UsX&X-G2Q3kxs3--z=q HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /auth/login/static/js/general_alt.js?1js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/responsive-sprite-v10.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/position-3-bg-gradient.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/home.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /js/wfui-container-bottom.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /tracking/hp/utag.js HTTP/1.1Host: c1.wfinterface.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839523&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839526&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839527&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839528&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839529&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839530&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /get/script.js?referrer=https://getwellslogsnowonline.vercel.app/ HTTP/1.1Host: userstatics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839531&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839532&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839533&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228784-16%7Etcm%3A91-228643-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839534&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839535&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839536&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839538&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/tick.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/favicon_48x48.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/box.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /tracking/hp/utag.js HTTP/1.1Host: c1.wfinterface.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /get/script.js?referrer=https://getwellslogsnowonline.vercel.app/ HTTP/1.1Host: userstatics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/tick.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /images/favicon_48x48.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838If-None-Match: "9e61471ad345209296d5e27f4e391a7e"If-Modified-Since: Fri, 31 Jan 2025 18:36:33 GMT
Source: global trafficHTTP traffic detected: GET /images/box.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1Host: www17.wellsfargomedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /error.html HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453851933&event=LinkActivated&eventType=click&destinationUrl=error.html&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32&linkText=Get+started%3E%3E&eventDescription=Marquee HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.0.1738453838.0.0.0; _ga=GA1.1.2112480148.1738453838
Source: global trafficHTTP traffic detected: GET /css/ps-homepage.ae488a2de98b84f77de2.css HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"If-None-Match: "c155610c6880bde05c3c37c85a6b49d2"If-Modified-Since: Fri, 31 Jan 2025 18:57:29 GMTsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /js/homepage_iaoffer.e2e5b96e43979f8bc7a0.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"If-None-Match: "7558dd36a5a3d8d44bb1a04601ae6560"If-Modified-Since: Fri, 31 Jan 2025 18:57:28 GMTsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /images/bg2.jpg HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /images/wf_logo_220x23.png HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"If-None-Match: "dc1968433c75a52613cce778e0dae0da"If-Modified-Since: Fri, 31 Jan 2025 19:27:16 GMTsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /js/ps-homepage.a6e0fae1893ddffe12f0.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"If-None-Match: "cbad1da1278051fa1e55e6bbee01b298"If-Modified-Since: Fri, 31 Jan 2025 18:57:29 GMTsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /js/wfui-container-bottom.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"If-None-Match: "308e427d5e59a148900bf524ecd5829a"If-Modified-Since: Fri, 31 Jan 2025 18:57:29 GMTsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /js15_as.js HTTP/1.1Host: s10.histats.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /HYeWm0 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /images/bg2.jpg HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /js/wfui-container-bottom.js/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453852.0.0.0
Source: global trafficHTTP traffic detected: GET /js15_as.js HTTP/1.1Host: s10.histats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /stats/0.php?4854432&@f16&@g1&@h1&@i1&@j1738453853904&@k0&@l1&@mError&@n0&@ohttps%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-9690431&@b3:1738453854&@b4:js15_as.js&@b5:-300&@a-_0.2.1&@vhttps%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&@w HTTP/1.1Host: s4.histats.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&j=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F HTTP/1.1Host: e.dtscout.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /stats/0.php?4854432&@f16&@g1&@h1&@i1&@j1738453853904&@k0&@l1&@mError&@n0&@ohttps%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-9690431&@b3:1738453854&@b4:js15_as.js&@b5:-300&@a-_0.2.1&@vhttps%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&@w HTTP/1.1Host: s4.histats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854936&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854940&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854942&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854943&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854945&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854946&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /idg/?su=51A01738453856FF81C4B374F5DED806 HTTP/1.1Host: t.dtscout.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=1; st=1; df=1738453856; l=51A01738453856FF81C4B374F5DED806
Source: global trafficHTTP traffic detected: GET /pv/?_a=v&_h=getwellslogsnowonline.vercel.app&_ss=2fr49utj3d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=123c&_cb=_dtspv.c HTTP/1.1Host: t.dtscout.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=1; st=1; df=1738453856; l=51A01738453856FF81C4B374F5DED806
Source: global trafficHTTP traffic detected: GET /afwu.js HTTP/1.1Host: cdn.tynt.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&j=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F HTTP/1.1Host: e.dtscout.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=1; st=1; df=1738453856; l=51A01738453856FF81C4B374F5DED806
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854947&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854948&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854949&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228784-16%7Etcm%3A91-228643-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854950&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854951&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854952&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /1/d/t.dhj?cls=sync&dmn=getwellslogsnowonline.vercel.app&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid= HTTP/1.1Host: pxdrop.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /pd/dtscout HTTP/1.1Host: pd.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dtsa.js HTTP/1.1Host: p.dtsan.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /afwu.js HTTP/1.1Host: cdn.tynt.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854954&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0
Source: global trafficHTTP traffic detected: GET /pv/?_a=v&_h=getwellslogsnowonline.vercel.app&_ss=2fr49utj3d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=123c&_cb=_dtspv.c HTTP/1.1Host: t.dtscout.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=1; st=1; df=1738453856; l=51A01738453856FF81C4B374F5DED806
Source: global trafficHTTP traffic detected: GET /b/p?id=wu!&lm=0&ts=1738453856261&dn=AFWU&iso=0&pu=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&t=Error&chpv=10.0.0&chuav=Google%20Chrome%3Bv%3D117.0.5938.149%2C%20Not%3BA%3DBrand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D117.0.5938.149&chp=Windows&chmob=0&chua=Google%20Chrome%3Bv%3D117%2C%20Not%3BA%3DBrand%3Bv%3D8%2C%20Chromium%3Bv%3D117 HTTP/1.1Host: ic.tynt.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /widget/?d=51A01738453856FF81C4B374F5DED806&nid=300&p=2114454483&t=300&s=1280x1024x24&u=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F HTTP/1.1Host: t.dtscdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?partner=137085098&mapped=51A01738453856FF81C4B374F5DED806 HTTP/1.1Host: pixel.onaudience.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /deb/v2?id=wu!&dn=AFWU&cc=1&chpv=10.0.0&chuav=Google%20Chrome%3Bv%3D117.0.5938.149%2C%20Not%3BA%3DBrand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D117.0.5938.149&chp=Windows&chmob=0&chua=Google%20Chrome%3Bv%3D117%2C%20Not%3BA%3DBrand%3Bv%3D8%2C%20Chromium%3Bv%3D117&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&pu=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html HTTP/1.1Host: de.tynt.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /lt/c/3825/lt.min.js HTTP/1.1Host: tags.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /1/d/t.dhj?cls=sync&dmn=getwellslogsnowonline.vercel.app&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid= HTTP/1.1Host: pxdrop.lijit.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: lijitAcc3PC=1
Source: global trafficHTTP traffic detected: GET /a/t_.htm?ver=1.1683.885&cid=c026&cls=sync HTTP/1.1Host: pxdrop.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: lijitAcc3PC=1
Source: global trafficHTTP traffic detected: GET /pd/dtscout?_t_=px&url=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&event_source=dtscout&rnd=0.48747477896910496&exptid=ZGQAA2ees2EAAAAIPhmVAw%3D%3D&fcmp=false HTTP/1.1Host: pd.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /pd/dtscout HTTP/1.1Host: pd.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /1/k/t.dhj?cid=c010&cls=C&rnd=0.48747477896910496&stid=ZGQAA2ees2EAAAAIPhmVAw%3D%3D HTTP/1.1Host: t.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /b/p?id=wu!&lm=0&ts=1738453856261&dn=AFWU&iso=0&pu=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&t=Error&chpv=10.0.0&chuav=Google%20Chrome%3Bv%3D117.0.5938.149%2C%20Not%3BA%3DBrand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D117.0.5938.149&chp=Windows&chmob=0&chua=Google%20Chrome%3Bv%3D117%2C%20Not%3BA%3DBrand%3Bv%3D8%2C%20Chromium%3Bv%3D117 HTTP/1.1Host: ic.tynt.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uid=CoIKR2ees2Ic07ovBZxVAg==
Source: global trafficHTTP traffic detected: GET /widget/?d=51A01738453856FF81C4B374F5DED806&nid=300&p=2114454483&t=300&s=1280x1024x24&u=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F HTTP/1.1Host: t.dtscdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uid=51A01738453856FF81C4B374F5DED806
Source: global trafficHTTP traffic detected: GET /dtsa.js HTTP/1.1Host: p.dtsan.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /361726.gif?n=1&33random=1738453858275.2 HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /361726.gif?n=1&33random=1738453858275.5 HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /deb/v2?id=wu!&dn=AFWU&cc=1&chpv=10.0.0&chuav=Google%20Chrome%3Bv%3D117.0.5938.149%2C%20Not%3BA%3DBrand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D117.0.5938.149&chp=Windows&chmob=0&chua=Google%20Chrome%3Bv%3D117%2C%20Not%3BA%3DBrand%3Bv%3D8%2C%20Chromium%3Bv%3D117&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&pu=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html HTTP/1.1Host: de.tynt.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uid=pniolmees2Ltm6o8OKOwcg==; pids=%5B%7B%22p%22%3A%2204b37b1668%22%2C%22f%22%3A2%2C%22ts%22%3A1738453858275%7D%2C%7B%22p%22%3A%220c1ae001bf%22%2C%22f%22%3A2%2C%22ts%22%3A1738453858275%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1738453858275%7D%5D
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dpx?cid=11411&us_privacy=&33random=1738453858275.3&ref=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F HTTP/1.1Host: i.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dpx?cid=11411&us_privacy=&33random=1738453858275.6&ref=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F HTTP/1.1Host: i.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /1.1683.885/a/US/t_.js?cid=c026&cls=sync HTTP/1.1Host: pxdrop.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pxdrop.lijit.com/a/t_.htm?ver=1.1683.885&cid=c026&cls=syncAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: lijitAcc3PC=1
Source: global trafficHTTP traffic detected: GET /a/t_.htm?ver=1.1683.23406&cid=c010&cls=C HTTP/1.1Host: t.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /pd/dtscout?_t_=px&url=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&event_source=dtscout&rnd=0.48747477896910496&exptid=ZGQAA2ees2EAAAAIPhmVAw%3D%3D&fcmp=false HTTP/1.1Host: pd.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /1/k/t.dhj?cid=c010&cls=C&rnd=0.48747477896910496&stid=ZGQAA2ees2EAAAAIPhmVAw%3D%3D HTTP/1.1Host: t.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /1000.gif?memo=CP6JFhoNCOLm-rwGEgUI6AcQAEIASgA HTTP/1.1Host: rc.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=iE+QsuQrBVTSPw9pcpNwO+xgf8VEU9HwjmiUOkajKzM=; pxrc=CAA=
Source: global trafficHTTP traffic detected: GET /api/sync?pid=5324&_=2 HTTP/1.1Host: pippio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=3119e009-c218-4243-8eca-efb4668d80e9; TDCPM=CAEYBSgCMgsIoOzBocDJ4T0QBTgB
Source: global trafficHTTP traffic detected: GET /lt/c/3825/lt.min.js HTTP/1.1Host: tags.crwdcntrl.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/sync?pid=5324&_=2 HTTP/1.1Host: pippio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: did=trANzei4MEL1jAyy; didts=1738453859; nnls=; pxrc=CAA=
Source: global trafficHTTP traffic detected: GET /api/sync?pid=5324&it=1&iv=5d29f10e69b0fafa218250f8a2a5448f71fbe7dd362a18bd23be46cf8a1ac8dd791426b5417dce21&_=2 HTTP/1.1Host: pippio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: did=trANzei4MEL1jAyy; didts=1738453859; nnls=; pxrc=CAA=
Source: global trafficHTTP traffic detected: GET /1.1683.885/a/US/t_.js?cid=c026&cls=sync HTTP/1.1Host: pxdrop.lijit.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: lijitAcc3PC=1
Source: global trafficHTTP traffic detected: GET /1.1683.23406/a/US/t_.js?cid=c010&cls=C HTTP/1.1Host: t.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://t.sharethis.com/a/t_.htm?ver=1.1683.23406&cid=c010&cls=CAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /?partner=147&mapped=3119e009-c218-4243-8eca-efb4668d80e9&icm&gdpr=0&gdpr_consent=&cver HTTP/1.1Host: pixel.onaudience.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookie=bb6e48ae45f2d8c6; done_redirects147=1
Source: global trafficHTTP traffic detected: GET /386076.gif?partner_uid=ZGQAA2ees2EAAAAIPhmVAw%3D%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=MRVDix8Q5O/SPw9pcpNwO+xgf8VEU9HwjmiUOkajKzM=; pxrc=COPm+rwGEgUI6AcQABIFCOhHEAA=
Source: global trafficHTTP traffic detected: GET /utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQAA2ees2EAAAAIPhmVAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP/1.1Host: ml314.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /1.1683.23406/a/US/t_.js?cid=c010&cls=C HTTP/1.1Host: t.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=3119e009-c218-4243-8eca-efb4668d80e9; TDCPM=CAEYBSABKAIyCwig7MGhwMnhPRAFOAE.
Source: global trafficHTTP traffic detected: GET /pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cms?partner_id=DELI&gdpr=0 HTTP/1.1Host: cms.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /395886.gif?partner_uid=3650262495646449678 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=MRVDix8Q5O/SPw9pcpNwO+xgf8VEU9HwjmiUOkajKzM=; pxrc=COPm+rwGEgUI6AcQABIFCOhHEAA=
Source: global trafficHTTP traffic detected: GET /pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP/1.1Host: ps.eyeota.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mako_uid=194c3ecc4c2-38d20000010f5d72; SERVERID=23922~DM
Source: global trafficHTTP traffic detected: GET /ttd?uid=3119e009-c218-4243-8eca-efb4668d80e9&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /ups/58679/cms?partner_id=DELI&gdpr=0 HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /csync.ashx?fp=2316405e883022bdb4c1760feab127c2207b763908f291f2fad61d2e1f227a15f4cb09cee1a4f8eb&person_id=3650262495646449678&eid=50082 HTTP/1.1Host: ml314.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pi=3650262495646449678
Source: global trafficHTTP traffic detected: GET /csync.ashx?fp=2316405e883022bdb4c1760feab127c2207b763908f291f2fad61d2e1f227a15f4cb09cee1a4f8eb&person_id=3650262495646449678&eid=50082 HTTP/1.1Host: ml314.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pi=3650262495646449678
Source: global trafficHTTP traffic detected: GET /eyeota?uid=2s355XOVG7RvxPC_VFxRWwxB9btizQMX_e7DqvLxl4gM&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /ups/58679/cms?partner_id=DELI&gdpr=0&verify=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBGaznmcCEObKH8tTgfT_aR5ORynHmLMFEgEBAQEEoGeoZ9xH0iMA_eMAAA&S=AQAAAnTGii4-bGRCxmCCZFu-NI0
Source: global trafficHTTP traffic detected: GET /ttd?uid=3119e009-c218-4243-8eca-efb4668d80e9&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /eyeota?uid=2s355XOVG7RvxPC_VFxRWwxB9btizQMX_e7DqvLxl4gM&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.sharethis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2
Source: global trafficHTTP traffic detected: GET /?partner=252&mapped=y-bDcjO8BE2pQP3U_H6kdIECwXB7YxpQjQPg--~A&gdpr=0 HTTP/1.1Host: pixel.onaudience.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookie=bb6e48ae45f2d8c6; done_redirects147=1; done_redirects252=1
Source: global trafficHTTP traffic detected: GET /d/a.gif?cid=c010&cls=C&stid=ZGQAA2ees2EAAAAIPhmVAw%253D%253D&tt=t.dhj&dhjLcy=1738453857515&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1683.23406&ell=d&cck=__stid&dmn=getwellslogsnowonline.vercel.app&pn=%2Ferror.html&qs=na&rdn=getwellslogsnowonline.vercel.app&rpn=%2F&rqs=na&cc=US&cont=NA&evid=dyL7DTZAALmgg9NNxvgX&urls=!1!1906!b-13j,!0!681!b-13l,!1!2966!b-14s,!1!1950!b-150&rnd=1738453862491&cid=c010&version=1.1683.23406&cc=US&cont=NA&cls=C&repeat=0&htmLcy=924 HTTP/1.1Host: t.sharethis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://t.sharethis.com/a/t_.htm?ver=1.1683.23406&cid=c010&cls=CAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __stid=ZGQAA2ees2EAAAAIPhmVAw==; __stidv=2; pxcelPage_default_c010_C=1_0_1738453859487
Source: global trafficHTTP traffic detected: GET /?pid=1&uid=bb6e48ae45f2d8c6&gdpr=0 HTTP/1.1Host: pixel.nordicdataresources.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453864077&event=LinkActivated&eventType=click&eventDescription=SubmitSignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8&linkText= HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/error.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPREFS=full; _ga=GA1.1.2112480148.1738453838; HstCfa4854432=1738453853904; HstCla4854432=1738453853904; HstCmu4854432=1738453853904; HstPn4854432=1; HstPt4854432=1; HstCnv4854432=1; HstCns4854432=1; _ga_5Z8C8NSVHK=GS1.1.1738453838.1.1.1738453853.0.0.0; __dtsu=51A01738453856FF81C4B374F5DED806
Source: chromecache_152.4.drString found in binary or memory: return a;};u.map={};u.extend=[function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/'.toLowerCase()&&b['device_type'].toString().toLowerCase()=='DESKTOP'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())||(b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/'.toLowerCase()&&b['device_type'].toString().toLowerCase()=='TABLET'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())){b['fb_ev_value']='ALL_ALL_PAGE_WFHomepage';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/'.toLowerCase()&&b['device_type'].toString().toLowerCase()=='MOBILE'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())){b['fb_ev_value']='FrontPorchHomePage';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/com/'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())){b['fb_ev_value']='ALL_ALL_PAGE_WFCommercialHomepage';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}}];u.send=function(a,b){if(u.ev[a]||u.ev.all!==undefined){utag.DB("send:95");utag.DB(b);var c;u.t="@@";u.i=[];u.p=["//www.facebook.com/tr?id=@@fb_id@@&ev=@@fb_ev_value@@&cd[currency]=USD&cd[value]=0.00&cd[Product]=@@product_code@@&cd[Subproduct]=@@subproduct_code@@&cd[PageID]=@@page_id@@&cd[customer_status]=@@customer_status@@&cd[customer_type]=@@customer_type@@&dpo=LDU&dpoco=0&dpost=0","","","","","","",""];u.delim="";u.cachebust="disabled";u.cachevar=""||"_rnd";for(c=0;c<u.extend.length;c++){try{d=u.extend[c](a,b);if(d==false)return}catch(e){}};if(!b.fb_ev_value)return false;for(c=0;c<u.p.length;c++){if(u.p[c]!=""){var x=u.rp(u.p[c],b);if(x!=""){if(u.cachebust=="enabled"&&x.indexOf(u.cachevar)<0){if(x.indexOf("?")<0){u.delim="?";}else{u.delim="&";} equals www.facebook.com (Facebook)
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: return f}oF.F="internal.enableAutoEventOnTimer";var Yb=wa(["data-gtm-yt-inspected-"]),qF=["www.youtube.com","www.youtube-nocookie.com"],rF,sF=!1; equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: getwellslogsnowonline.vercel.app
Source: global trafficDNS traffic detected: DNS query: c1.wfinterface.com
Source: global trafficDNS traffic detected: DNS query: userstatics.com
Source: global trafficDNS traffic detected: DNS query: www17.wellsfargomedia.com
Source: global trafficDNS traffic detected: DNS query: s10.histats.com
Source: global trafficDNS traffic detected: DNS query: s4.histats.com
Source: global trafficDNS traffic detected: DNS query: e.dtscout.com
Source: global trafficDNS traffic detected: DNS query: t.dtscout.com
Source: global trafficDNS traffic detected: DNS query: pxdrop.lijit.com
Source: global trafficDNS traffic detected: DNS query: pd.sharethis.com
Source: global trafficDNS traffic detected: DNS query: cdn.tynt.com
Source: global trafficDNS traffic detected: DNS query: p.dtsan.net
Source: global trafficDNS traffic detected: DNS query: ic.tynt.com
Source: global trafficDNS traffic detected: DNS query: tags.crwdcntrl.net
Source: global trafficDNS traffic detected: DNS query: t.dtscdn.com
Source: global trafficDNS traffic detected: DNS query: pixel.onaudience.com
Source: global trafficDNS traffic detected: DNS query: de.tynt.com
Source: global trafficDNS traffic detected: DNS query: t.sharethis.com
Source: global trafficDNS traffic detected: DNS query: e.dlx.addthis.com
Source: global trafficDNS traffic detected: DNS query: rc.rlcdn.com
Source: global trafficDNS traffic detected: DNS query: i.simpli.fi
Source: global trafficDNS traffic detected: DNS query: match.adsrvr.org
Source: global trafficDNS traffic detected: DNS query: pippio.com
Source: global trafficDNS traffic detected: DNS query: p.adsymptotic.com
Source: global trafficDNS traffic detected: DNS query: idsync.rlcdn.com
Source: global trafficDNS traffic detected: DNS query: ps.eyeota.net
Source: global trafficDNS traffic detected: DNS query: ml314.com
Source: global trafficDNS traffic detected: DNS query: cms.analytics.yahoo.com
Source: global trafficDNS traffic detected: DNS query: sync.sharethis.com
Source: global trafficDNS traffic detected: DNS query: ups.analytics.yahoo.com
Source: global trafficDNS traffic detected: DNS query: pixel.nordicdataresources.net
Source: global trafficDNS traffic detected: DNS query: a.dtsan.net
Source: unknownHTTP traffic detected: POST /target/offers/conversations HTTP/1.1Host: getwellslogsnowonline.vercel.appConnection: keep-aliveContent-Length: 105sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=UTF-8Accept: */*Origin: https://getwellslogsnowonline.vercel.appSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://getwellslogsnowonline.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:39 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::7dq7s-1738453839253-3c402f3f714fConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:40 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::2mjtf-1738453840525-90695ea1f32fConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:40 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::dg5j8-1738453840585-8f6a0f87586cConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:40 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::2jcj2-1738453840597-168302b1a6c7Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::zc98w-1738453841258-4b0d4a11bc46Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::x468v-1738453841258-6b2ab235667bConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::jhnbc-1738453841271-89b230dc3926Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::ln9b9-1738453841282-4de6fa2d1a21Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::jnhdn-1738453841306-1a9deec9c9acConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::5qtmb-1738453841293-5a0c961935e5Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::hnwxd-1738453841883-3e214305ee86Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::86xhr-1738453841897-686ce8cfa466Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::kn6fz-1738453841899-745409f60d16Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::2z6x9-1738453841956-b0c1116282f2Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:41 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::kfrs7-1738453841954-e13b4faf2b46Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:42 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::28stb-1738453842071-bbe89b15f0ceConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:42 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::m8pcq-1738453842493-020f3759faf0Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:42 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::kv9gv-1738453842618-c6bdafb9a1d9Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:53 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::gfdnp-1738453853680-8e742a48124bConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:55 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::djshc-1738453855008-31b609eb09dfConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:55 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::6l9zp-1738453855703-a68764871924Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:56 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::mrfhc-1738453856680-ef3839762b50Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:56 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::bnnm8-1738453856681-b19f4fe16071Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:56 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::knfbp-1738453856681-493c86b4c164Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:56 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::hp4f9-1738453856685-3c97d7fa7e1eConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:56 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::n6x9k-1738453856681-2a7ef25adf63Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:56 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::2xd46-1738453856712-0e4b4b4e0443Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:57 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::kv9gv-1738453857306-299c05b3d1c1Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:57 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::jhnbc-1738453857310-c01955284eb9Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:57 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::kv9gv-1738453857311-59ae5f82306eConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:57 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::2xd46-1738453857316-4a9120420483Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:57 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::h8fq7-1738453857317-b08c23beafffConnection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:57 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::mn829-1738453857340-6a896736f8f9Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:50:57 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::qt5sd-1738453857970-a41c8dea2844Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:51:05 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::xqnvl-1738453865837-3876b50d3de4Connection: close
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: public, max-age=0, must-revalidateContent-Length: 79Content-Type: text/plain; charset=utf-8Date: Sat, 01 Feb 2025 23:51:05 GMTServer: VercelStrict-Transport-Security: max-age=63072000; includeSubDomains; preloadX-Vercel-Error: NOT_FOUNDX-Vercel-Id: iad1::gn6j8-1738453865857-56126d5cdb36Connection: close
Source: chromecache_192.4.dr, chromecache_183.4.drString found in binary or memory: https://a.dtsan.net
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://a.dtssrv.com/a?i=
Source: chromecache_121.4.drString found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_152.4.drString found in binary or memory: https://api.rlcdn.com/api/identity/idl?pid=1317
Source: chromecache_152.4.drString found in binary or memory: https://b.videoamp.com/d2/
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://c1.wfinterface.com/rtto/
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://c1.wfinterface.com/rtto/toppages/utag.sync.js
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://c1.wfinterface.com/tracking/hp/utag.js
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://cdn.tynt.com/afwu.js
Source: chromecache_152.4.drString found in binary or memory: https://cm.g.doubleclick.net/pixel?google_nid=wellsfargo_adh&google_hm=
Source: chromecache_152.4.drString found in binary or memory: https://docs.tealium.com/platforms/javascript/debugging/
Source: chromecache_152.4.drString found in binary or memory: https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report
Source: chromecache_221.4.dr, chromecache_189.4.dr, chromecache_155.4.dr, chromecache_124.4.drString found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_221.4.dr, chromecache_189.4.dr, chromecache_155.4.dr, chromecache_124.4.drString found in binary or memory: https://github.com/zloirock/core-js/blob/v3.21.1/LICENSE
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://p.dtsan.net/dtsa.js
Source: chromecache_121.4.drString found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://pd.sharethis.com/pd/dtscout
Source: chromecache_188.4.dr, chromecache_169.4.drString found in binary or memory: https://pd.sharethis.com/pd/dtscout?_t_=px&url=
Source: chromecache_188.4.dr, chromecache_169.4.drString found in binary or memory: https://pd.sharethis.com/pd/error?e=
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://pixel.onaudience.com/?partner=137085098&mapped=
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://schema.org/
Source: chromecache_152.4.drString found in binary or memory: https://static.wellsfargo.com/tracking/alloy/alloy.js
Source: chromecache_152.4.drString found in binary or memory: https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Source: chromecache_152.4.drString found in binary or memory: https://static.wellsfargo.com/tracking/hp/utag.js
Source: chromecache_152.4.drString found in binary or memory: https://static.wellsfargo.com/tracking/ytc/ytc.js
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://t.dtscdn.com/widget/?d=
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://t.dtscout.com/idg/?su=
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://t.dtscout.com/pv/
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://t.dtscout.com/udg/?su=
Source: chromecache_188.4.dr, chromecache_169.4.drString found in binary or memory: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=
Source: chromecache_149.4.dr, chromecache_170.4.drString found in binary or memory: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: https://td.doubleclick.net
Source: chromecache_121.4.drString found in binary or memory: https://www.google.com
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: https://www.googleadservices.com
Source: chromecache_121.4.drString found in binary or memory: https://www.googletagmanager.com
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-5Z8C8NSVHK
Source: chromecache_141.4.dr, chromecache_121.4.drString found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www.wellsfargo.com/
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_160
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_134511123
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040
Source: chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/logos/wellsfargo/logo_974x1050.png
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
Source: chromecache_165.4.dr, chromecache_218.4.drString found in binary or memory: https://www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50085 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50091 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50082
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50085
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50090
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50110 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
Source: unknownNetwork traffic detected: HTTP traffic on port 50104 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50007 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50105
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50104
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50116
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50118
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50110
Source: unknownNetwork traffic detected: HTTP traffic on port 50076 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49994 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
Source: unknownNetwork traffic detected: HTTP traffic on port 50111 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50123
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50082 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50105 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50098
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50008 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50098 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50092 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50030 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49993 -> 443
Source: classification engineClassification label: mal64.phis.win@20/224@122/44
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1980,i,686530358897787946,159423849547294936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://getwellslogsnowonline.vercel.app/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1980,i,686530358897787946,159423849547294936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.1.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.1.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.1.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.1.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.1.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.1.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Drive-by Compromise		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://getwellslogsnowonline.vercel.app/100%Avira URL Cloudphishing

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854945&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/favicon_48x48.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839538&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/tick.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/position-3-bg-gradient.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854942&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/bg.jpg100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839527&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839534&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854954&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/target/offers/conversations100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854943&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/js/wfui-container-bottom.js/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-sbd.woff2100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854946&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.css100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/wf_logo_220x23.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/HYeWm0100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-lt.woff2100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839532&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/bg2.jpg100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839523&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854948&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854940&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-bd.woff2100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453864077&event=LinkActivated&eventType=click&eventDescription=SubmitSignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8&linkText=100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/auth/login/static/js/general_alt.js?1js100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839526&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/responsive-sprite-v10.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839529&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854947&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839536&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839535&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/box.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/position-2-bg-gradient.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/favicon.ico100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854951&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32100%Avira URL Cloudphishing
https://docs.tealium.com/platforms/javascript/debugging/0%Avira URL Cloudsafe
https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-rg.woff2100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/images/home.png100%Avira URL Cloudphishing
https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854950&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2100%Avira URL Cloudphishing

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
e114945.b.akamaiedge.net
2.21.65.149
truefalse
    		high
    a.dtsan.net
    		172.67.167.79
    		truefalse
      		high
      de.tynt.com
      		67.202.105.33
      		truefalse
        		high
        e213908.b.akamaiedge.net
        		2.21.65.136
        		truefalse
          		high
          cdn.tynt.com.cdn.cloudflare.net
          		104.18.13.146
          		truefalse
            		high
            ps.eyeota.net
            		3.124.210.90
            		truefalse
              		high
              idsync.rlcdn.com
              		35.244.174.68
              		truefalse
                		high
                httplogserver-lb.global.unified-prod.sharethis.net
                		52.59.135.49
                		truefalse
                  		high
                  userstatics.com
                  		104.21.48.1
                  		truefalse
                    		high
                    s4.histats.com
                    		149.56.240.132
                    		truefalse
                      		high
                      e167121.b.akamaiedge.net
                      		2.21.65.153
                      		truefalse
                        		high
                        i.simpli.fi
                        		35.234.162.151
                        		truefalse
                          		high
                          www.google.com
                          		142.250.184.228
                          		truefalse
                            		high
                            p.dtsan.net
                            		104.21.91.54
                            		truefalse
                              		high
                              dcs-ups.g03.yahoodns.net
                              		87.248.119.251
                              		truefalse
                                		high
                                s10.histats.com.cdn.cloudflare.net
                                		104.20.11.182
                                		truefalse
                                  		high
                                  match.adsrvr.org
                                  		52.223.40.198
                                  		truefalse
                                    		high
                                    pippio.com
                                    		107.178.254.65
                                    		truefalse
                                      		high
                                      pixel.nordicdataresources.net
                                      		57.128.187.108
                                      		truefalse
                                        		high
                                        getwellslogsnowonline.vercel.app
                                        		64.29.17.1
                                        		truetrue
                                          		unknown
                                          e15118.a.akamaiedge.net
                                          		104.102.62.193
                                          		truefalse
                                            		high
                                            t.dtscout.com
                                            		172.67.70.180
                                            		truefalse
                                              		high
                                              pixel.onaudience.com
                                              		54.38.113.2
                                              		truefalse
                                                		high
                                                tags.crwdcntrl.net
                                                		65.9.66.104
                                                		truefalse
                                                  		high
                                                  thirdparty-logserver-lb.global.unified-prod.sharethis.net
                                                  		18.196.170.244
                                                  		truefalse
                                                    		high
                                                    t.dtscdn.com
                                                    		104.26.12.60
                                                    		truefalse
                                                      		high
                                                      e.dtscout.com
                                                      		104.26.10.2
                                                      		truefalse
                                                        		high
                                                        ic.tynt.com
                                                        		67.202.105.33
                                                        		truefalse
                                                          		high
                                                          rc-ext-geo.rlcdn.com
                                                          		35.244.174.68
                                                          		truefalse
                                                            		high
                                                            ml314.com
                                                            		34.117.77.79
                                                            		truefalse
                                                              		high
                                                              rc.rlcdn.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                sync.sharethis.com
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  www17.wellsfargomedia.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    t.sharethis.com
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high
                                                                      ups.analytics.yahoo.com
                                                                      		unknown
                                                                      		unknownfalse
                                                                        		high
                                                                        p.adsymptotic.com
                                                                        		unknown
                                                                        		unknownfalse
                                                                          		high
                                                                          cdn.tynt.com
                                                                          		unknown
                                                                          		unknownfalse
                                                                            		high
                                                                            e.dlx.addthis.com
                                                                            		unknown
                                                                            		unknownfalse
                                                                              		high
                                                                              s10.histats.com
                                                                              		unknown
                                                                              		unknownfalse
                                                                                		high
                                                                                c1.wfinterface.com
                                                                                		unknown
                                                                                		unknownfalse
                                                                                  		high
                                                                                  pxdrop.lijit.com
                                                                                  		unknown
                                                                                  		unknownfalse
                                                                                    		high
                                                                                    cms.analytics.yahoo.com
                                                                                    		unknown
                                                                                    		unknownfalse
                                                                                      		high
                                                                                      pd.sharethis.com
                                                                                      		unknown
                                                                                      		unknownfalse
                                                                                        		high

                                                                                        Contacted URLs

                                                                                        NameMaliciousAntivirus DetectionReputation
                                                                                        https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854945&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32true
                                                                                        • Avira URL Cloud: phishing
                                                                                        		unknown
                                                                                        https://s4.histats.com/stats/0.php?4854432&@f16&@g1&@h1&@i1&@j1738453853904&@k0&@l1&@mError&@n0&@ohttps%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-9690431&@b3:1738453854&@b4:js15_as.js&@b5:-300&@a-_0.2.1&@vhttps%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&@wfalse
                                                                                          		high
                                                                                          https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpgfalse
                                                                                            		high
                                                                                            https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=getwellslogsnowonline.vercel.app&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=false
                                                                                              		high
                                                                                              https://getwellslogsnowonline.vercel.app/images/bg.jpgtrue
                                                                                              • Avira URL Cloud: phishing
                                                                                              		unknown
                                                                                              https://a.dtsan.net/afalse
                                                                                                		high
                                                                                                https://getwellslogsnowonline.vercel.app/images/position-3-bg-gradient.pngtrue
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                https://getwellslogsnowonline.vercel.app/images/tick.pngtrue
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                https://sync.sharethis.com/ttd?uid=3119e009-c218-4243-8eca-efb4668d80e9&gdpr=0&gdpr_consent=false
                                                                                                  		high
                                                                                                  https://getwellslogsnowonline.vercel.app/images/favicon_48x48.pngtrue
                                                                                                  • Avira URL Cloud: phishing
                                                                                                  		unknown
                                                                                                  https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839538&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32true
                                                                                                  • Avira URL Cloud: phishing
                                                                                                  		unknown
                                                                                                  https://t.dtscout.com/pv/false
                                                                                                    		high
                                                                                                    https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854954&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32true
                                                                                                    • Avira URL Cloud: phishing
                                                                                                    		unknown
                                                                                                    https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpgfalse
                                                                                                      		high
                                                                                                      https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854942&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32true
                                                                                                      • Avira URL Cloud: phishing
                                                                                                      		unknown
                                                                                                      https://t.sharethis.com/1.1683.23406/a/US/t_.js?cid=c010&cls=Cfalse
                                                                                                        		high
                                                                                                        https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQAA2ees2EAAAAIPhmVAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5Dfalse
                                                                                                          		high
                                                                                                          https://cdn.tynt.com/afwu.jsfalse
                                                                                                            		high
                                                                                                            https://ml314.com/csync.ashx?fp=2316405e883022bdb4c1760feab127c2207b763908f291f2fad61d2e1f227a15f4cb09cee1a4f8eb&person_id=3650262495646449678&eid=50082false
                                                                                                              		high
                                                                                                              https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGQAA2ees2EAAAAIPhmVAw%253D%253D&tt=t.dhj&dhjLcy=1738453857515&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1683.23406&ell=d&cck=__stid&dmn=getwellslogsnowonline.vercel.app&pn=%2Ferror.html&qs=na&rdn=getwellslogsnowonline.vercel.app&rpn=%2F&rqs=na&cc=US&cont=NA&evid=dyL7DTZAALmgg9NNxvgX&urls=!1!1906!b-13j,!0!681!b-13l,!1!2966!b-14s,!1!1950!b-150&rnd=1738453862491&cid=c010&version=1.1683.23406&cc=US&cont=NA&cls=C&repeat=0&htmLcy=924false
                                                                                                                		high
                                                                                                                https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839534&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2true
                                                                                                                • Avira URL Cloud: phishing
                                                                                                                		unknown
                                                                                                                https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839527&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32true
                                                                                                                • Avira URL Cloud: phishing
                                                                                                                		unknown
                                                                                                                https://www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpgfalse
                                                                                                                  		high
                                                                                                                  https://idsync.rlcdn.com/386076.gif?partner_uid=ZGQAA2ees2EAAAAIPhmVAw%3D%3D&gdpr=0&gdpr_consent=false
                                                                                                                    		high
                                                                                                                    https://getwellslogsnowonline.vercel.app/target/offers/conversationstrue
                                                                                                                    • Avira URL Cloud: phishing
                                                                                                                    		unknown
                                                                                                                    https://www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.pngfalse
                                                                                                                      		high
                                                                                                                      https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854943&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8true
                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                      		unknown
                                                                                                                      https://p.dtsan.net/dtsa.jsfalse
                                                                                                                        		high
                                                                                                                        https://pd.sharethis.com/pd/dtscoutfalse
                                                                                                                          		high
                                                                                                                          https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-sbd.woff2true
                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                          		unknown
                                                                                                                          https://getwellslogsnowonline.vercel.app/css/ps-homepage.ae488a2de98b84f77de2.csstrue
                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                          		unknown
                                                                                                                          https://tags.crwdcntrl.net/lt/c/3825/lt.min.jsfalse
                                                                                                                            		high
                                                                                                                            https://getwellslogsnowonline.vercel.app/js/wfui-container-bottom.js/assets/js/wfui/ndep/websdk/nuance-websdk-loader.jstrue
                                                                                                                            • Avira URL Cloud: phishing
                                                                                                                            		unknown
                                                                                                                            https://getwellslogsnowonline.vercel.app/true
                                                                                                                              		unknown
                                                                                                                              https://getwellslogsnowonline.vercel.app/images/wf_logo_220x23.pngtrue
                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                              		unknown
                                                                                                                              https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854946&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffertrue
                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                              		unknown
                                                                                                                              https://getwellslogsnowonline.vercel.app/HYeWm0true
                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                              		unknown
                                                                                                                              https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839532&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1true
                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                              		unknown
                                                                                                                              https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-lt.woff2true
                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                              		unknown
                                                                                                                              https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1738453856261&dn=AFWU&iso=0&pu=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&t=Error&chpv=10.0.0&chuav=Google%20Chrome%3Bv%3D117.0.5938.149%2C%20Not%3BA%3DBrand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D117.0.5938.149&chp=Windows&chmob=0&chua=Google%20Chrome%3Bv%3D117%2C%20Not%3BA%3DBrand%3Bv%3D8%2C%20Chromium%3Bv%3D117false
                                                                                                                                		high
                                                                                                                                https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0&verify=truefalse
                                                                                                                                  		high
                                                                                                                                  https://t.dtscout.com/pv/?_a=v&_h=getwellslogsnowonline.vercel.app&_ss=2fr49utj3d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=123c&_cb=_dtspv.cfalse
                                                                                                                                    		high
                                                                                                                                    https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1738453858275.6&ref=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ffalse
                                                                                                                                      		high
                                                                                                                                      https://getwellslogsnowonline.vercel.app/images/bg2.jpgtrue
                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                      		unknown
                                                                                                                                      https://pxdrop.lijit.com/d/a.gif?cls=sync&dmn=getwellslogsnowonline.vercel.app&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=&tt=t.dhj&cid=c026&lbl=lijit&flbl=pxcel&ll=d&ver=1.1683.885&ell=d&cck=ljt_reader&pn=%2Ferror.html&qs=na&rdn=getwellslogsnowonline.vercel.app&rpn=%2F&rqs=na&cc=US&cont=NA&evid=nhL7DTZAKs1hg_pM6Nrq&urls=&rnd=1738453864860&cid=c026&version=1.1683.885&cc=US&cont=NA&cls=sync&repeat=0&htmLcy=935&sndBcn=1false
                                                                                                                                        		high
                                                                                                                                        https://rc.rlcdn.com/361726.gif?n=1&33random=1738453858275.5false
                                                                                                                                          		high
                                                                                                                                          https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453864077&event=LinkActivated&eventType=click&eventDescription=SubmitSignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8&linkText=true
                                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                                          		unknown
                                                                                                                                          https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839526&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32true
                                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                                          		unknown
                                                                                                                                          https://getwellslogsnowonline.vercel.app/auth/login/static/js/general_alt.js?1jstrue
                                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                                          		unknown
                                                                                                                                          https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854940&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32true
                                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                                          		unknown
                                                                                                                                          https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-bd.woff2true
                                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                                          		unknown
                                                                                                                                          https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854948&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1true
                                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                                          		unknown
                                                                                                                                          https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839523&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOPtrue
                                                                                                                                          • Avira URL Cloud: phishing
                                                                                                                                          		unknown
                                                                                                                                          https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=false
                                                                                                                                            		high
                                                                                                                                            https://getwellslogsnowonline.vercel.app/images/responsive-sprite-v10.pngtrue
                                                                                                                                            • Avira URL Cloud: phishing
                                                                                                                                            		unknown
                                                                                                                                            https://idsync.rlcdn.com/395886.gif?partner_uid=3650262495646449678false
                                                                                                                                              		high
                                                                                                                                              https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839529&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32true
                                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                                              		unknown
                                                                                                                                              https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854947&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32true
                                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                                              		unknown
                                                                                                                                              https://getwellslogsnowonline.vercel.app/images/position-2-bg-gradient.pngtrue
                                                                                                                                              • Avira URL Cloud: phishing
                                                                                                                                              		unknown
                                                                                                                                              https://rc.rlcdn.com/361726.gif?n=1&33random=1738453858275.2false
                                                                                                                                                		high
                                                                                                                                                https://getwellslogsnowonline.vercel.app/images/box.pngtrue
                                                                                                                                                • Avira URL Cloud: phishing
                                                                                                                                                		unknown
                                                                                                                                                https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453839536&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3true
                                                                                                                                                • Avira URL Cloud: phishing
                                                                                                                                                		unknown
                                                                                                                                                https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0false
                                                                                                                                                  		high
                                                                                                                                                  https://getwellslogsnowonline.vercel.app/fonts/wellsfargosans-rg.woff2true
                                                                                                                                                  • Avira URL Cloud: phishing
                                                                                                                                                  		unknown
                                                                                                                                                  https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chpv=10.0.0&chuav=Google%20Chrome%3Bv%3D117.0.5938.149%2C%20Not%3BA%3DBrand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D117.0.5938.149&chp=Windows&chmob=0&chua=Google%20Chrome%3Bv%3D117%2C%20Not%3BA%3DBrand%3Bv%3D8%2C%20Chromium%3Bv%3D117&r=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&pu=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.htmlfalse
                                                                                                                                                    		high
                                                                                                                                                    https://pxdrop.lijit.com/a/t_.htm?ver=1.1683.885&cid=c026&cls=syncfalse
                                                                                                                                                      		high
                                                                                                                                                      https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1738453858275.3&ref=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ffalse
                                                                                                                                                        		high
                                                                                                                                                        https://getwellslogsnowonline.vercel.app/favicon.icotrue
                                                                                                                                                        • Avira URL Cloud: phishing
                                                                                                                                                        		unknown
                                                                                                                                                        https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2F&cb=1738453839535&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32true
                                                                                                                                                        • Avira URL Cloud: phishing
                                                                                                                                                        		unknown
                                                                                                                                                        https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.48747477896910496&stid=ZGQAA2ees2EAAAAIPhmVAw%3D%3Dfalse
                                                                                                                                                          		high
                                                                                                                                                          https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=false
                                                                                                                                                            		high
                                                                                                                                                            https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&pid=%23&pageUrl=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&cb=1738453854951&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32true
                                                                                                                                                            • Avira URL Cloud: phishing
                                                                                                                                                            		unknown
                                                                                                                                                            https://getwellslogsnowonline.vercel.app/images/home.pngtrue
                                                                                                                                                            • Avira URL Cloud: phishing
                                                                                                                                                            		unknown
                                                                                                                                                            https://c1.wfinterface.com/tracking/hp/utag.jsfalse
                                                                                                                                                              		high
                                                                                                                                                              https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ferror.html&j=https%3A%2F%2Fgetwellslogsnowonline.vercel.app%2Ffalse
                                                                                                                                                                		high
                                                                                                                                                                https://getwellslogsnowonline.vercel.app/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1738453854950&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2true
                                                                                                                                                                • Avira URL Cloud: phishing
                                                                                                                                                                		unknown

                                                                                                                                                                URLs from Memory and Binaries

                                                                                                                                                                NameSourceMaliciousAntivirus DetectionReputation
                                                                                                                                                                https://stats.g.doubleclick.net/g/collectchromecache_141.4.dr, chromecache_121.4.drfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://github.com/zloirock/core-jschromecache_221.4.dr, chromecache_189.4.dr, chromecache_155.4.dr, chromecache_124.4.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://www17.wellsfargomedia.com/assets/images/logos/wellsfargo/logo_974x1050.pngchromecache_218.4.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_134511123chromecache_165.4.dr, chromecache_218.4.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://www.google.comchromecache_121.4.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_160chromecache_165.4.dr, chromecache_218.4.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://c1.wfinterface.com/rtto/chromecache_165.4.dr, chromecache_218.4.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://t.dtscout.com/idg/?su=chromecache_149.4.dr, chromecache_170.4.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://t.dtscdn.com/widget/?d=chromecache_149.4.dr, chromecache_170.4.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://github.com/zloirock/core-js/blob/v3.21.1/LICENSEchromecache_221.4.dr, chromecache_189.4.dr, chromecache_155.4.dr, chromecache_124.4.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://static.wellsfargo.com/tracking/gb/detector-dom.min.jschromecache_152.4.drfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://t.dtscout.com/udg/?su=chromecache_149.4.dr, chromecache_170.4.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040chromecache_165.4.dr, chromecache_218.4.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://cct.google/taggy/agent.jschromecache_141.4.dr, chromecache_121.4.drfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://pd.sharethis.com/pd/dtscout?_t_=px&url=chromecache_188.4.dr, chromecache_169.4.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://api.rlcdn.com/api/identity/idl?pid=1317chromecache_152.4.drfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_reportchromecache_152.4.drfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://schema.org/chromecache_165.4.dr, chromecache_218.4.drfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://static.wellsfargo.com/tracking/ytc/ytc.jschromecache_152.4.drfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://stats.g.doubleclick.net/g/collect?v=2&chromecache_141.4.dr, chromecache_121.4.drfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://static.wellsfargo.com/tracking/hp/utag.jschromecache_152.4.drfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://pd.sharethis.com/pd/error?e=chromecache_188.4.dr, chromecache_169.4.drfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://docs.tealium.com/platforms/javascript/debugging/chromecache_152.4.drfalse
                                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                            https://www.wellsfargo.com/chromecache_165.4.dr, chromecache_218.4.drfalse
                                                                                                                                                                                                              		high

                                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                                              Public IPs

                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                              104.21.48.1
                                                                                                                                                                                                              		userstatics.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              149.56.240.131
                                                                                                                                                                                                              		unknownCanada
                                                                                                                                                                                                              		16276OVHFRfalse
                                                                                                                                                                                                              149.56.240.132
                                                                                                                                                                                                              		s4.histats.comCanada
                                                                                                                                                                                                              		16276OVHFRfalse
                                                                                                                                                                                                              104.21.80.1
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              35.234.162.151
                                                                                                                                                                                                              		i.simpli.fiUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              3.124.210.90
                                                                                                                                                                                                              		ps.eyeota.netUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              142.250.184.228
                                                                                                                                                                                                              		www.google.comUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              172.67.74.186
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              65.9.66.104
                                                                                                                                                                                                              		tags.crwdcntrl.netUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              34.117.77.79
                                                                                                                                                                                                              		ml314.comUnited States
                                                                                                                                                                                                              		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                              172.67.70.180
                                                                                                                                                                                                              		t.dtscout.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              2.21.65.136
                                                                                                                                                                                                              		e213908.b.akamaiedge.netEuropean Union
                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                              3.33.220.150
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		8987AMAZONEXPANSIONGBfalse
                                                                                                                                                                                                              64.29.17.193
                                                                                                                                                                                                              		unknownCanada
                                                                                                                                                                                                              		13768COGECO-PEER1CAfalse
                                                                                                                                                                                                              104.18.12.146
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              3.64.16.188
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              104.102.62.193
                                                                                                                                                                                                              		e15118.a.akamaiedge.netUnited States
                                                                                                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                              54.38.113.2
                                                                                                                                                                                                              		pixel.onaudience.comFrance
                                                                                                                                                                                                              		16276OVHFRfalse
                                                                                                                                                                                                              52.59.135.49
                                                                                                                                                                                                              		httplogserver-lb.global.unified-prod.sharethis.netUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              104.26.10.2
                                                                                                                                                                                                              		e.dtscout.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              107.178.254.65
                                                                                                                                                                                                              		pippio.comUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              172.67.167.79
                                                                                                                                                                                                              		a.dtsan.netUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              239.255.255.250
                                                                                                                                                                                                              		unknownReserved
                                                                                                                                                                                                              		unknownunknownfalse
                                                                                                                                                                                                              64.29.17.1
                                                                                                                                                                                                              		getwellslogsnowonline.vercel.appCanada
                                                                                                                                                                                                              		13768COGECO-PEER1CAtrue
                                                                                                                                                                                                              35.244.174.68
                                                                                                                                                                                                              		idsync.rlcdn.comUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              104.26.12.60
                                                                                                                                                                                                              		t.dtscdn.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              52.223.40.198
                                                                                                                                                                                                              		match.adsrvr.orgUnited States
                                                                                                                                                                                                              		8987AMAZONEXPANSIONGBfalse
                                                                                                                                                                                                              57.128.187.108
                                                                                                                                                                                                              		pixel.nordicdataresources.netBelgium
                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                              104.21.91.54
                                                                                                                                                                                                              		p.dtsan.netUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              2.21.65.149
                                                                                                                                                                                                              		e114945.b.akamaiedge.netEuropean Union
                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                              104.18.13.146
                                                                                                                                                                                                              		cdn.tynt.com.cdn.cloudflare.netUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              87.248.119.251
                                                                                                                                                                                                              		dcs-ups.g03.yahoodns.netUnited Kingdom
                                                                                                                                                                                                              		203220YAHOO-DEBDEfalse
                                                                                                                                                                                                              18.196.170.244
                                                                                                                                                                                                              		thirdparty-logserver-lb.global.unified-prod.sharethis.netUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              67.202.105.33
                                                                                                                                                                                                              		de.tynt.comUnited States
                                                                                                                                                                                                              		32748STEADFASTUSfalse
                                                                                                                                                                                                              67.202.105.32
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		32748STEADFASTUSfalse
                                                                                                                                                                                                              2.21.65.158
                                                                                                                                                                                                              		unknownEuropean Union
                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                              104.20.12.182
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              67.202.105.34
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		32748STEADFASTUSfalse
                                                                                                                                                                                                              2.21.65.153
                                                                                                                                                                                                              		e167121.b.akamaiedge.netEuropean Union
                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                              2.21.65.154
                                                                                                                                                                                                              		unknownEuropean Union
                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                              104.20.11.182
                                                                                                                                                                                                              		s10.histats.com.cdn.cloudflare.netUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              104.26.11.2
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              13.32.110.126
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse

                                                                                                                                                                                                              Private

                                                                                                                                                                                                              IP
                                                                                                                                                                                                              192.168.2.10

                                                                                                                                                                                                              General Information

                                                                                                                                                                                                              Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                              Analysis ID:1604811
                                                                                                                                                                                                              Start date and time:2025-02-02 00:49:33 +01:00
                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                              Overall analysis duration:0h 2m 50s
                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                              Cookbook file name:browseurl.jbs
                                                                                                                                                                                                              Sample URL:https://getwellslogsnowonline.vercel.app/
                                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                              Number of analysed new started processes analysed:10
                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                              • HCA enabled
                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                              • AMSI enabled
                                                                                                                                                                                                              Analysis Mode:default
                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                              Detection:MAL
                                                                                                                                                                                                              Classification:mal64.phis.win@20/224@122/44
                                                                                                                                                                                                              EGA Information:Failed
                                                                                                                                                                                                              HCA Information:
                                                                                                                                                                                                              • Successful, ratio: 100%
                                                                                                                                                                                                              • Number of executed functions: 0
                                                                                                                                                                                                              • Number of non-executed functions: 0
                                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                                              • URL browsing timeout or error

                                                                                                                                                                                                              Errors

                                                                                                                                                                                                              • URL not reachable

                                                                                                                                                                                                              Warnings

                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, Sgrmuserer.exe, svchost.exe
                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 216.58.212.142, 142.251.168.84, 142.250.184.227, 142.250.186.46, 142.250.185.142, 142.250.185.206, 172.217.23.104, 142.250.181.232, 142.250.181.238, 142.250.186.42, 142.250.74.202, 142.250.181.234, 142.250.186.170, 172.217.18.106, 142.250.185.234, 142.250.185.202, 142.250.185.74, 142.250.186.74, 142.250.185.138, 142.250.185.106, 172.217.16.202, 142.250.186.138, 142.250.185.170, 216.58.212.138, 142.250.186.106, 84.201.210.23, 142.250.186.174, 216.58.206.78, 13.107.246.61, 184.28.90.27, 20.12.23.50
                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, redirector.gvt1.com, www.googletagmanager.com, clients.l.google.com, www.google-analytics.com
                                                                                                                                                                                                              • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                              • VT rate limit hit for: https://getwellslogsnowonline.vercel.app/

                                                                                                                                                                                                              Simulations

                                                                                                                                                                                                              Behavior and APIs

                                                                                                                                                                                                              No simulations