r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Tue, 06 Dec 2022 15:03:23 GMT
Date: Tue, 06 Dec 2022 14:09:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5881
Cache-Control: max-age=165575
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:44 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 12:09:19 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8146
Expires: Tue, 06 Dec 2022 16:25:30 GMT
Date: Tue, 06 Dec 2022 14:09:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 13:18:39 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3065
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hxPAVe0EXhWzbSwlxK01YUKUAaW/+D5qGSWdi6shh0X0ZH+i/HhpPClCIOszdEg7JMYl3reTV1LEf8Xi5B8+nQ==
x-amz-request-id: BTNN8CYZYRRD8XPA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 13:47:07 GMT
age: 1357
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 14:09:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 13:11:20 GMT
cache-control: public,max-age=3600
age: 3505
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5850
Cache-Control: max-age=160475
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:45 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:44:20 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.203.75.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Pw3scv+AM2lC5dw4gCmd8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nUbHuQQ/5OBupjfWgxfKi1ljroU=
ocsp.dcocsp.cn/
79.133.177.232200 OK 471 B IP 79.133.177.232:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 637e10d83745e1976fbd0ed705eb58ee
f3b4e27b35fcb16b6731676955d58385b8e93e92
87cca322ad1c22ddb7c07a214a8bae557e76acabbfb98fdd2e55a8ce7a89143c
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 06 Dec 2022 13:31:28 GMT
Last-Modified: Mon, 05 Dec 2022 14:24:48 GMT
ETag: "638dff30-1d7"
Expires: Wed, 07 Dec 2022 14:24:48 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670333488
Via: cache21.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache7.de3[3,3,200-0,H], cache7.de3[4,0]
Age: 2298
X-Cache: HIT TCP_REFRESH_HIT dirn:13:14368769
X-Swift-SaveTime: Tue, 06 Dec 2022 14:09:46 GMT
X-Swift-CacheTime: 1302
Timing-Allow-Origin: *
EagleId: 4f85b19b16703357860751140e
www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
163.171.131.129200 OK 21 kB URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1566), with CRLF line terminators
Hash 6c6f6a1b2f5fbd89810769263877d42a
a3fece60c0499cf1872c5ffb6bb5a0fab96a1799
f73f22e9d419e98f31a90ebb7c216f75bf2641a0c53c15f0e743bf6da5a2f808
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /es/biz/ HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 20621
Connection: keep-alive
Expires: -1
Cache-Control: no-cache, no-store, max-age=0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-7c6be817-0193-4d78-a2be-6f12f5c96df3' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Content-Language: en-US
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701; Expires=Tue, 06-Dec-2022 14:10:16 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Tue, 06-Dec-2022 14:10:16 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Tue, 06-Dec-2022 14:10:16 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:491115; Expires=Tue, 06-Dec-2022 14:10:16 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=6446040BAD8B8FD2DB9DD3B89E56E77E; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=ES; Domain=.wellsfargo.com; Expires=Wed, 06-Dec-2023 14:09:46 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202212060609461526812755; domain=.wellsfargo.com; path=/; expires=3 Dec 2032 14:09:46 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; path=/; Httponly; Secure
WesdAksn=A6RsxeeEAQAADh0AWEWMdWIcUykoMXMuLtO3aDa20NYlgpwcLtTJx4gd2_a4AaOrg1-cuDv8wH8AAEB3AAAAAA|1|0|5c9b9e4e63e378b28bcb581566aedf0d405547d2; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=8MlanWk1JKEPI8ggxDglQcbjMwIkF4IB3FsMv0BlzwZRWf6OuiBVzwKP8MZpd+OO; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:46 GMT;Httponly; Secure
_abck=39AA44406F593D1E8E9EE3E582F76F12~-1~YAAQJmgRYE4YXsaEAQAAum3F5wkvAZk6QLE/u71YB7Pe5FvU9kz/ujkZ69FO7BPyB1RpvIqs8gGuVCtotqCPSe6kq1WnRfeDMOq5OVbEd7URvFySjIucbAx5FdBA5DCGkUBS+x5gkjH2segnouW4ZRdIAHrwag+sp1GKH7WBYdrJca9FIKWIsoW2cZyvfAbDPFnX/xCBZ1C42GNFKq23OkPiEUE9cjBQjDzS2/5qOItg39mozCegKgmbjXEGhzq5svVSOBI/TnVyx2A4AnuyDVLLBMzhmOH8QXmu6qX+sO6HcX2SyG9bI4FLFLIOy0+Wg3HHUlxgTQu8PtEG9y81Gcmvw66eehvr+wuDs/Ot171GCPeG9C8rrUUsFKi7jEYwEw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:46 GMT; Max-Age=31536000; Secure
bm_sz=DD45EC49019497A474FFD110A7938E6C~YAAQJmgRYE8YXsaEAQAAum3F5xIi4tpES5VOpftpSBc0JuHVlKDEH2+RGSVQl5B7iJujr86EdjjB1ptwFa/FtB41LGw46i04BCFrayRytEmF1I+35tvTiESxKqJi86j5rYC6nfKaH/glow2AVFyl7FQbYhe/PSwUYbZujDOJPkv1J+twADLZYXwPsaNvkcpczn9s+re0QC9pQCETapuHLV362fsKduK967lR/yHvO0uBri+YK97Elv8pIiyieYEXE8QCOfAioV2abwl4RTeVvEs7DOcQSQ+9NfH1NtyjJZCbTs059xbq~4274225~3682614; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:46 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2a_bl21_19613-61198
www--wellsfargo--com--9549329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.131.129200 OK 18 kB URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (31354), with NEL line terminators
Hash 59e9efb0258fa77e22ba60cebadda375
14d20bc503649a3b3275eb229e8a965069d74253
7e28a89f68d98388e4f1b5d76b6770fbc175df1c3545d54ba6c67b1abda5b97b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
fortinet Phishing
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:46 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 17883
Connection: keep-alive
Expires: Tue, 06 Dec 2022 07:50:36 GMT
Last-Modified: Wed, 19 Oct 2022 17:27:48 GMT
ETag: W/"63503394-d905"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Age: 1
X-Via: 1.1 VM-CDG-01uY9168:5 (Cdn Cache Server V2.0), 1.1 bl22:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2a_bl21_19807-32176
www--wellsfargo--com--9549329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js
163.171.131.129200 OK 58 kB URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash af392eceb5785939026904fe5e732b59
bec4dac7e409117cf507217c02fea99974dac589
5472cbd4e60da4689c63a18c499241925add77f6ee329cc919856f983b9b7e93
Analyzer Verdict Alert fortinet Phishing
GET /ui/javascript/publicsite-ui/ps-global.js HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:46 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 57932
Connection: keep-alive
Expires: Tue, 06 Dec 2022 07:50:37 GMT
Last-Modified: Wed, 19 Oct 2022 17:27:16 GMT
ETag: "63503374-2c4b0"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Age: 1
X-Via: 1.1 VMdgflkfFRA2wp48:6 (Cdn Cache Server V2.0), 1.1 bl22:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2a_bl21_20387-64471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a1519823e31cfbef356714d7bc68270e
fdc17b65c7d0215d775abeca128026941c628b2d
7fdd63df37ab467453bac280985a4eb673517d9c76818b9ef4c5702d880489f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:46 GMT
Last-Modified: Tue, 06 Dec 2022 13:06:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a1519823e31cfbef356714d7bc68270e
fdc17b65c7d0215d775abeca128026941c628b2d
7fdd63df37ab467453bac280985a4eb673517d9c76818b9ef4c5702d880489f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:46 GMT
Last-Modified: Tue, 06 Dec 2022 13:06:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a1519823e31cfbef356714d7bc68270e
fdc17b65c7d0215d775abeca128026941c628b2d
7fdd63df37ab467453bac280985a4eb673517d9c76818b9ef4c5702d880489f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2909
Cache-Control: max-age=152181
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:46 GMT
Etag: "638ef142-1d7"
Expires: Thu, 08 Dec 2022 08:26:07 GMT
Last-Modified: Tue, 06 Dec 2022 07:37:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1952), with no line terminators
Hash 5dcc7c101ced74367609685d577093f6
f0d8214335e3c33b634048b992afd536f5bd3e43
10aab16ccfb5374425dc6ee64453a7fe6d7b6dfa47ab65779f42c7db740da1ef
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Tue, 06 Dec 2022 14:09:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=wZOrLz7o2MWohXLFpkhxRA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png
104.110.27.78200 OK 1.9 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2fd7f8c24576c73072097bf2e6259185
0fbda4c7e3b800aec15fea0539ad703ae61d6046
144529be2df1a6a4bbcbd82b300cd99b256fea8a768d3488f8080f4c0a908260
GET /assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-bde"
last-modified: Thu, 14 Jul 2022 02:03:01 GMT
server: Akamai Image Manager
content-length: 1930
content-type: image/webp
cache-control: private, no-transform, max-age=1432885
expires: Fri, 23 Dec 2022 04:11:11 GMT
date: Tue, 06 Dec 2022 14:09:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg
104.110.27.78200 OK 35 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x502, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 539b8a50b31186a56fc5f1ab1297ea78
575c94d22bac962bf0417f00c9539f28ad6296f0
bdb5cb84e084b4f210b9d4d961ed3c47d650e48d5010d6eeeba0a06338ca5988
GET /assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c4837f-1857e"
last-modified: Thu, 14 Jul 2022 02:03:06 GMT
server: Akamai Image Manager
x-serial: 322
x-check-cacheable: YES
content-length: 34606
content-type: image/webp
cache-control: private, no-transform, max-age=1671888
expires: Sun, 25 Dec 2022 22:34:34 GMT
date: Tue, 06 Dec 2022 14:09:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png
104.110.27.78200 OK 1.6 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b6865ccc7a6df08112ed1669824be71c
1a51df486fd125ee8a966115a1373e4b34e49c11
f33f804c40891284e0c3afcd509b199e56f3a2821fcc2f83f60aa66cf60ba305
GET /assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-9d0"
last-modified: Thu, 14 Jul 2022 02:03:02 GMT
server: Akamai Image Manager
content-length: 1648
content-type: image/webp
cache-control: private, no-transform, max-age=1671875
expires: Sun, 25 Dec 2022 22:34:21 GMT
date: Tue, 06 Dec 2022 14:09:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL HTTP/2 www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c5f6eb132665afa77e8ac7a1a707e951
70d65ab0dcfaace4c1d8bbb772af4fd7c6f66c80
0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac
GET /assets/es/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c392e6-10c2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1710
content-type: image/webp
cache-control: private, no-transform, max-age=1626623
expires: Sun, 25 Dec 2022 10:00:09 GMT
date: Tue, 06 Dec 2022 14:09:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg
104.110.27.78200 OK 25 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73d5e0b0076f087b0878d8d90308b115
6af270bc7003c54dcff68b2b283c43799bc85abc
490dbbb001e913bcb03b5b1099174db6ff6ff1fe8396f2ab44e63c29899f1168
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61fc441a-17f0e"
last-modified: Thu, 14 Jul 2022 02:03:05 GMT
server: Akamai Image Manager
content-length: 24624
content-type: image/webp
cache-control: private, no-transform, max-age=1620769
expires: Sun, 25 Dec 2022 08:22:35 GMT
date: Tue, 06 Dec 2022 14:09:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png
104.110.27.78200 OK 1.7 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7d5653912e62290c532bc8739c69731e
c48cd970eaa966f211e760a0fb19eda8fc6f4a8d
f7a7b6bbb8e06125faa2e4d2199f44d59c89cf361d3334f1db281d7e827602fe
GET /assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-957"
last-modified: Thu, 14 Jul 2022 02:03:02 GMT
server: Akamai Image Manager
content-length: 1652
content-type: image/webp
cache-control: private, no-transform, max-age=1639842
expires: Sun, 25 Dec 2022 13:40:28 GMT
date: Tue, 06 Dec 2022 14:09:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png
104.110.27.78200 OK 2.5 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 01695377e69f7063e1550746495c81f5
609ec8ee8dd28f128f0477b6147817750c9b341e
5c9d48467771247548445209a10047ced732d2da276c072f4c6c5a483405c944
GET /assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-103b"
last-modified: Thu, 14 Jul 2022 02:03:01 GMT
server: Akamai Image Manager
content-length: 2520
content-type: image/webp
cache-control: private, no-transform, max-age=1671935
expires: Sun, 25 Dec 2022 22:35:21 GMT
date: Tue, 06 Dec 2022 14:09:46 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--9549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.131.129200 OK 4.3 kB URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (9269)
Hash ac3df0703b6b0a7dd3bd7beb0e832978
fe36c7667292e71bad7e919aff9940cf52795285
d8b6846212bf301d11a97e6941c8417859ef97a29c6965d6bf88ecfa6f122f29
Analyzer Verdict Alert fortinet Phishing
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:46 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4284
Connection: keep-alive
Content-Encoding: gzip
Expires: Tue, 06 Dec 2022 14:09:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A7duxeeEAQAA12rba65RAh_E1yfQC5409gKoLZsWPbHK8NpIrRBMlxHRHp6WAaOrg1-cuDv8wH8AAEB3AAAAAA|1|0|2252bcd95b513f521c3127556bcd57f010beaa69; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=FNU6YwWBQxca9Be0Ma4dArWgT2M4vncI9VdagFC+PVv1VUyRLmjEmcKpdKcIbjyj; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2a_bl21_19613-61257
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3127
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 14:09:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3127
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 14:09:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3127
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 14:09:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3127
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 14:09:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 56798
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9YSJ6eCtWQCdDe_GCPCGgqrM-wfAwEg4n69Tp23Jjz5ORGGvBfzIWw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 23:08:53 GMT
age: 54054
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 56844
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6jWrhftx7tANXoWkKtCCjzm66zJDY13bpoA-7qVaZJNHEGsJS8dniw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:05:41 GMT
age: 36246
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P9Yc2Lh9Kw4AEDZyc9R9WExLdUnCitDeuy0NjttQM-EL1cdVndZxFA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:30:36 GMT
age: 56351
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 56845
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 11 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (31790)
Hash 6d79a0dbc6ea2602aa38bbf53e43124e
8b53e45df3e4aea81cbfaa90081f6795bcfe39fc
d2aa003ecdd6c31e12964104bd23498a60e94fa2d163c6d1ff285db59f61bb6a
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 12 Feb 2022 17:58:28 GMT
Vary: Accept-Encoding
ETag: W/"6207f544-7c61"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 11076
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=mKlKoY9DNgIWX1BiSFOCrQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
23.36.79.26200 OK 17 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (48287)
Hash a75fd8e10b107df2ef26038f1783ac4e
b27d8fc62fd83f944d638b93140ec05bd050ded4
9baeb568dd185db9aeaefd009c3778e3fe04b59acfa6c04fe96bdf608c8f2299
GET /assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 13 Aug 2022 13:50:11 GMT
Vary: Accept-Encoding
ETag: W/"62f7ac13-bcef"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 16778
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=fhWvtD+WxKYtCoaCJL7ZxQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:0
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:04:58 GMT
etag: "62d9b16a-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=7827001
expires: Tue, 07 Mar 2023 04:19:48 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1967851
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1877710
expires: Wed, 28 Dec 2022 07:44:57 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1944645
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1877430
expires: Wed, 28 Dec 2022 07:40:17 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&cb=1670335786236&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&cb=1670335786236&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&cb=1670335786236&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Z9puCHpXhSVepuSQfBJoP88V0RwnvwNN1cktDHuh19DkEnXb62bpQlgQq7Nrd4zS; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2b_bl21_19807-32239
www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/target/offers/conversations
163.171.131.129200 OK 921 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/target/offers/conversations
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with very long lines (2527), with no line terminators
Hash cc25a58446baccb3d654bbd30e5e076f
105701e8bc6688ed45e18cb0a060eb45acc1c67c
22eeaa23138a313f184f6b3d75214b119c3886f3bec04443234affb6ddf490ba
Analyzer Verdict Alert fortinet Phishing
POST /as/target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 103
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 921
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-f8fab21d-fedd-4b4e-98ef-585ad4faeb4a' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:491115; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:5c0c1035-bc56-47ed-9dc7-0c3e38a5dc06; Expires=Tue, 06-Dec-2022 14:10:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:5c0c1035-bc56-47ed-9dc7-0c3e38a5dc06|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Tue, 06-Dec-2022 14:10:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Tue, 06-Dec-2022 14:10:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Tue, 06-Dec-2022 14:10:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:102; Expires=Tue, 06-Dec-2022 14:10:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=01ADBBA07CE79ACB81D7A9DE880B7ADC; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Wed, 06-Dec-2023 14:09:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202212060609471792982773; domain=.wellsfargo.com; path=/; expires=3 Dec 2032 14:09:47 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=LznxQD0AXF5wbxwLmNJLSoO9+y2dId4tU2y0eJBcrU%2fkdfFnMV2mCZ7wQ0eKcO16; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:46 GMT;Httponly; Secure
_abck=147771F90CE30BA0A87338A98DF42EAA~-1~YAAQHWgRYDkDnYmEAQAA7nDF5wmbm8NVhqPnGQGhxxw8laCz+bD/YZerNC3SDu1s9bvcitalWtZYeJV2nASBy8vRVP43W/55hkImNruFbMiYWw5NgDHF6XEVUe+YcvYrB5+OBnnAYuGJZzWugCCf5Qjvfp80mx5scLT3JQqAT6oqjwEkCZA5U1OwSj/lWmSrwqd7B2DmiSGe0TylHbyDqmjlzozNAIFk1klAva+ig2PJuZrRf+SmmrAagZe9lYBDb75eYPnxNMK811khL+kW7eVZBokDhR/cwFR1UJCGDIp3qvrUZCqDClJ9/MhKAO1uxlWef3FCY8TVTOPTmWORSWGkPwtySi9K0jdXG/8E6y09FhJb+vbCI6zNHycszYY62g==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:47 GMT; Max-Age=31536000; Secure
bm_sz=7379230ADB28F315E43219509577AE49~YAAQHWgRYDoDnYmEAQAA7nDF5xIJNbz+bujyatObVYAULIfdIy/fmJG2yyDPJ6ZXEyM7IVFxQyFygZxRHutuwrCl+ww6MiVUeE4OtqW28jwRgpscOcHXiz8kQkEh4V2m0NR73Jb6BZ9MN6qRG6qi6JmHqwkKOYx3ZTPKxs/E9qfUZe9/oo6U160rxTYtmxrbU0PMU5acP1hDXJ+kknt5VYjB2QraFhai5FlE9CTEtc+C+/xjc18LplSJQChXK0caK4KsSFVQfI0Btor+JLaz4BhuAWFCuzG2XdHyltjDXisjeUosdhea~4274225~3682614; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:46 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl22:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2a_bl21_19613-61296
static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
23.36.79.26200 OK 13 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (41881)
Hash 346912f774e106a5ea6f78459c661c4a
71d774577bd02f71c5def49535f88a92bd1b7088
8e7d64f1048594472f76fc1b6796a2b8fe847953a2e5b15636f3862e629ff27b
GET /assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 09 Nov 2022 04:37:54 GMT
Vary: Accept-Encoding
ETag: W/"636b2ea2-a3cb"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 13370
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+3mTCS2ri97hg8PJey4FqA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--9549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.131.129200 OK 306 kB URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (65356)
Size 306 kB (305866 bytes)
Hash 0a73606e47133a2d2a13f7b5e1750e3c
8faaf759f275f0b66491df1c5077939099282044
cadbb05fc74ea8549b09ebed74da9dddf5499847acbcfaf7775b67a48abfc1ed
Analyzer Verdict Alert fortinet Phishing
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:47 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Tue, 06 Dec 2022 14:09:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=WtMePC7Zdq638SMLk5QUiR4ah7HpOevnjrELi%2fmhK5AeFAF%2frU5YDTYuzeIf9N1x; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2a_bl21_19789-59292
static.wellsfargo.com/tracking/hp/utag.js
23.36.79.26200 OK 55 kB URL HTTP/1.1 static.wellsfargo.com/tracking/hp/utag.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15536), with CRLF line terminators
Hash a2ab4b46ad30f60866211f2fe5de68a3
125c39f1a776161eb319a742ae7ce621f4c38933
11f666b297e903717f7f8fb577dca1beb1db6bff324a2a99b4dc0c639f883452
GET /tracking/hp/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:35 GMT
Vary: Accept-Encoding
ETag: W/"632cc04b-32229"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54746
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=hNcIzxDDg%2fFGVAGFNFPmLQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css
23.36.79.26200 OK 2.7 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 5257c2e188d24ddc00cc92573e5f2cfb
3526eb21d812e9ebfcb3514cc2ff9ad53abe442e
ae7a3a2c2db5a1dc74814e5001e439aeeae648e3b31cdb7474856dc52ea0b223
GET /assets/js/wfui/ndep/css/nuance-c2c-button.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 14 Jul 2021 10:08:23 GMT
Vary: Accept-Encoding
ETag: W/"60eeb797-2bb3"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2671
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=5qUQ+vcV3YNygEgLdqv+Ew%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
23.36.79.26200 OK 505 B URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF, LF line terminators
Hash e2966fedd68930d5281a2ed6ea61c0d3
1ede5572cf49f251c212abdbd6f2df4bb48de1fe
c2ef5abb39d304068b5476114ebc952a97c091ea59348c8ba3adeadc715976ad
GET /assets/js/wfui/ndep/css/nuance-chat.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 17 Nov 2020 14:00:34 GMT
Vary: Accept-Encoding
ETag: W/"5fb3d782-52b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 505
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=dUNwcDJC6qSb8wYyFpQIUA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 1.6 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b9d2c719de3d6701349f1134e129defe
703a51a2f72672f6b34a3dcf8d07c351143f9151
95ae72a8f3b1f5794802b2704b74bef2f29fe1b8da1f06c97a8e7ab2acb5e435
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "6116f9a6-dcf"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1636
content-type: image/webp
cache-control: private, no-transform, max-age=1526699
expires: Sat, 24 Dec 2022 06:14:46 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=16100
expires: Tue, 06 Dec 2022 18:38:07 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/cash_1700x700.jpg
104.110.27.78200 OK 19 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/cash_1700x700.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 35a3bd31455b38a9c5aaeeb38c8a4c53
d9a55b449b7842366b03b8c68367ec28303f5e27
ea2e65a8c3ae96f4f16bd0eac910cf5c3ad4a18c2a04a0ab5573337a146bbaa9
GET /assets/images/contextual/responsive/hpprimary/cash_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "63331201-12c0e"
last-modified: Tue, 11 Oct 2022 21:11:21 GMT
server: Akamai Image Manager
x-serial: 1084
x-check-cacheable: YES
content-length: 19134
content-type: image/webp
cache-control: private, no-transform, max-age=2444888
expires: Tue, 03 Jan 2023 21:17:55 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_magnifying-glass_color-gradient_64x64.png
104.110.27.78200 OK 1.5 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_magnifying-glass_color-gradient_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5f7ebe6f9d9c334607b34d59399187ba
08b6be81b1a1cb76b67779e53b34dc0363ce3900
6da80e2cf89f588623941b579e21ed68904e8efa5ae89b04a215db5d7658bf1a
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_magnifying-glass_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62587d96-e89"
last-modified: Thu, 14 Jul 2022 02:03:03 GMT
server: Akamai Image Manager
x-serial: 1190
x-check-cacheable: YES
content-length: 1466
content-type: image/webp
cache-control: private, no-transform, max-age=1671843
expires: Sun, 25 Dec 2022 22:33:50 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 2.3 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cd43a2d200f1b8eec84495408eb299f0
2eb173b0af9b49b634e0645a96931f5fdf6e3ab3
659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-9f2c"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 858
x-check-cacheable: YES
content-length: 2330
content-type: image/webp
cache-control: private, no-transform, max-age=1645294
expires: Sun, 25 Dec 2022 15:11:21 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 2.3 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2f9e97870725142046712437d067b97f
bf8db685193835edea05ac95e5671b24e0f49467
50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-cf3e"
last-modified: Thu, 14 Jul 2022 02:02:39 GMT
server: Akamai Image Manager
content-length: 2340
content-type: image/webp
cache-control: private, no-transform, max-age=1496224
expires: Fri, 23 Dec 2022 21:46:51 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 2.1 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bf02d082705f06162b2e73f68602e79e
219dbb45081fa5d8663bad2f96e9066e7f17aa6e
10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-7b35"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
x-serial: 416
x-check-cacheable: YES
content-length: 2092
content-type: image/webp
cache-control: private, no-transform, max-age=1676704
expires: Sun, 25 Dec 2022 23:54:51 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-4-bg-gradient.png
104.110.27.78200 OK 2.6 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-4-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1626a2f9535a10e8d076cab3de0df78f
4c2c4d82a3d4b49457a8a17a345c07c9617202fd
3fbf3b0d590832220370ac5dd608fa737315363f163967c6671d228bd3161084
GET /assets/images/homepage/position-4-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-ea13"
last-modified: Thu, 14 Jul 2022 02:02:46 GMT
server: Akamai Image Manager
x-serial: 1250
x-check-cacheable: YES
content-length: 2594
content-type: image/webp
cache-control: private, no-transform, max-age=1630231
expires: Sun, 25 Dec 2022 11:00:18 GMT
date: Tue, 06 Dec 2022 14:09:47 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
23.36.79.26200 OK 35 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (306), with CRLF line terminators
Hash 6b6e25186e12dddab5cfc7e3eaf88138
b10a74c86e7fa78e2c8a7b3797bcfaf7ccc717e7
c626e63ae020f2dff5a3dd67681ef69d4fb334218d325321dabfa5e206586602
GET /assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 09 Nov 2022 04:37:55 GMT
Vary: Accept-Encoding
ETag: W/"636b2ea3-24709"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 35227
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RUmcj3u+4mv78IAExqbYAQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
23.36.79.26200 OK 5.6 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (928), with CRLF line terminators
Hash 00e6f77045d9c92840a490cfcdc9ff6a
22f273b66fe0c5d43cf747fb9868b0904d5ee4b8
4d144f941f05ff42f2a818328b7524c6d3f2b6efc1fe93a09794af14ad262f6c
GET /assets/js/wfui/ndep/js/nuan-c2c.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 05:41:26 GMT
Vary: Accept-Encoding
ETag: W/"62317886-590b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5649
Date: Tue, 06 Dec 2022 14:09:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=zhpenD+WeuFM9VvTF7uzZQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--9549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AAB7vOeEAQAAY3iTpgXOEYu1VhgIu9yBzZAjqMSvUrb-oSQpuzJKIrUEvYcr&X-G2Q3kxs3--z=q
163.171.131.129200 OK 148 kB URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AAB7vOeEAQAAY3iTpgXOEYu1VhgIu9yBzZAjqMSvUrb-oSQpuzJKIrUEvYcr&X-G2Q3kxs3--z=q
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (65536), with no line terminators
Size 148 kB (147484 bytes)
Hash d3b7f3dc9c5e0f5372716f9e641e7945
daaa4fe0a5812800850a03673116801dffddac2b
997de362dbdad9f529b178ac8f9bbf81e5573f923efa0c37f56d9e56e84bb138
GET /auth/login/static/js/general_alt.js?async&seed=AAB7vOeEAQAAY3iTpgXOEYu1VhgIu9yBzZAjqMSvUrb-oSQpuzJKIrUEvYcr&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:3c0f85a8-0cda-4e59-96d8-2bb9dd2b1701|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:47 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Tue, 06 Dec 2022 14:09:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A7FvxeeEAQAAQ40pnqjhsO_Cer_SaB5Z_BT5xaDS4EbwfvJHL0Ks9UF9fhUyAaOrg1-cuDv8wH8AAEB3AAAAAA|1|0|f7797f7c082901588f2faf6e7721b0a6fb180844; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=OA2g44oiDH%2fvpPl3U9mJyQ8R8e%2fioeyva0vg7aY6YlahCSC6C+mfkm31g99oY+cV; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2a_bl21_20387-64489
www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png
104.110.27.78200 OK 1.4 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0880265bd118920fd1ca18eabb29c528
49602ee1485b1f4055635d42c568546e13aa8c90
37dd0a3404af3c62777281c147d144378dd6809620e531e58a17423abc057c38
GET /assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "6335f9d5-1a8f"
last-modified: Mon, 03 Oct 2022 02:02:07 GMT
server: Akamai Image Manager
x-serial: 1888
x-check-cacheable: YES
content-length: 1436
content-type: image/webp
cache-control: private, no-transform, max-age=1671929
expires: Sun, 25 Dec 2022 22:35:17 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png
104.110.27.78200 OK 1.4 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cc3d77556283919af04e0641e3e37250
1e96a649e7cb434597082cc204b050127e36e8f8
21c8d2fc781f13fb45ae4208b353c983d49d41c3505e94e29b5c1d5c31e19c68
GET /assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-1bfd"
last-modified: Thu, 14 Jul 2022 02:03:02 GMT
server: Akamai Image Manager
content-length: 1350
content-type: image/webp
cache-control: private, no-transform, max-age=1308675
expires: Wed, 21 Dec 2022 17:41:03 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg
104.110.27.78200 OK 33 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65a51929096fa18d4bb06f2a29891a75
d34df0eb676d584af89dfc2b6e022b4910b90cc0
d67a289220cf94e6d81eefe14a1a911aeeff5010229d78c409fe55761f2d8108
GET /assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189aa-d24b"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 33186
content-type: image/webp
cache-control: private, no-transform, max-age=1552504
expires: Sat, 24 Dec 2022 13:24:52 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg
104.110.27.78200 OK 55 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a974c3d7e7eec33c0b3a6a51bc5dda5b
e3c5e2e739d51f334183573016c9e00de421bed5
ca43102cb524defb85fcf58b1236f271a8c02303e3e4e1df6351273867576cce
GET /assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189aa-11d15"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 54586
content-type: image/webp
cache-control: private, no-transform, max-age=1671932
expires: Sun, 25 Dec 2022 22:35:20 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg
104.110.27.78200 OK 26 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e004488f9fb67721f39390f524ad5c78
24a7cf417462d429cc72dc5ea55873c4cdeef796
1b422aeb872e1f5c9a0c4ea9db41f1022d6c38a83d7e5e806d1ca6741ab3be6a
GET /assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a9-b2b6"
last-modified: Thu, 14 Jul 2022 02:02:38 GMT
server: Akamai Image Manager
content-length: 25792
content-type: image/webp
cache-control: private, no-transform, max-age=1671916
expires: Sun, 25 Dec 2022 22:35:04 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Navtive_App_Phone_Personal.png
104.110.27.78200 OK 15 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Navtive_App_Phone_Personal.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42f3bed043f7a3b4c585c74b98e35499
16d8482ca3e416cb9203f15bd0c0faa82e622327
ecfea4fcc40f95576acdf90df879a5bed9a1c481a69c127d940c616e5332cc98
GET /assets/images/rwd/Navtive_App_Phone_Personal.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61a934dd-41c5b"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 15388
content-type: image/webp
cache-control: private, no-transform, max-age=1671841
expires: Sun, 25 Dec 2022 22:33:49 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg
104.110.27.78200 OK 26 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce943ec0868d0b5769548025730ebb06
31d26f01d9a1e62d683b1165bec3d6e5b5310093
be1ec3a15be24dbd2904218e9def59d04b54bdca02738ee718a55823572f179a
GET /assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a8-c00f"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 25762
content-type: image/webp
cache-control: private, no-transform, max-age=1671883
expires: Sun, 25 Dec 2022 22:34:31 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg
104.110.27.78200 OK 33 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg
IP 104.110.27.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 616x353, components 3\012- data
Hash 816d65c2758ff533fa6e21801daeb1e6
08e4d8044b39ddbef43651cb29b371c450e651c1
72137441f0a479553ec1c095ac9f20ae25a6a1a631f910415ea2e18eb367f2bd
GET /assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189aa-a3e7"
last-modified: Thu, 14 Jul 2022 02:02:38 GMT
server: Akamai Image Manager
x-serial: 510
x-check-cacheable: YES
content-length: 32871
content-type: image/jpeg
cache-control: private, no-transform, max-age=1448737
expires: Fri, 23 Dec 2022 08:35:25 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg
104.110.27.78200 OK 25 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11d5c849b66051138628a9cbe63132fd
7b30e03cf2ba108867c248ecdc8207bd6a4bb80c
ba5375591bbba655a050fea8fb3c9dfa7561d09a102c7b4a987999cc7b4ddb0d
GET /assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a9-d12c"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 25094
content-type: image/webp
cache-control: private, no-transform, max-age=1599174
expires: Sun, 25 Dec 2022 02:22:42 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg
104.110.27.78200 OK 34 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 58ede609c8abd3ba38aa9d0e8de3298e
b2236e0ac30a78ef74c1db03a331f2cdc78dbf34
8e7880330ef42f2dd950fea1001a6124574a5a03afc384b88a2b744b9875fbb5
GET /assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a8-e4dd"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 33632
content-type: image/webp
cache-control: private, no-transform, max-age=1523188
expires: Sat, 24 Dec 2022 05:16:16 GMT
date: Tue, 06 Dec 2022 14:09:48 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Tue, 06 Dec 2022 14:09:48 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ImIRpy4nUljVhNdL+iSIHQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
95.101.10.194200 OK 150 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 95.101.10.194:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150381 bytes)
Hash 2b7e72638e7baf74aaef23aaa68cc2b1
7d7f59f0936ef5687b2830812d4b274eb2b5ddfc
215ba2d16e3686f782168b6c3cc4188b92ab2a85d84d373c534b7d13232fe93b
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"638eacf2-172f"
Last-Modified: Tue, 06 Dec 2022 02:46:10 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 14:09:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A2h1xeeEAQAAVQG0l_7JNhDfb0uiaWph7NDFT1JI2AnD_rjRsdzO2eHXe-P-AVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|3fac033d37f568226286e9e74750c1c50e28db0d; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=eD9vvzmwqRiTMtdWv5wTH+YXYJJ4hydKNzlXZSdjrqg%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Tue, 06 Dec 2022 14:09:48 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ewHxMBVCq5wZWUwigBVnuA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/gb/detector-dom.min.js
23.36.79.26200 OK 132 kB URL HTTP/1.1 static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65434)
Size 132 kB (131829 bytes)
Hash 73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Tue, 06 Dec 2022 14:09:48 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=I48zIGJLNwNMyLz54Xoalw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7055ce70d7ede0ef667afe357848fd69
5959653114063d49266f21b4cd0f71ed4d5426a3
6c2cd6ac74d1bffefcf4ce13d2c83ee13a3295404d689026c7a0067babc671c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5541
Cache-Control: max-age=149368
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:48 GMT
Etag: "638edbff-1d7"
Expires: Thu, 08 Dec 2022 07:39:16 GMT
Last-Modified: Tue, 06 Dec 2022 06:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www--wellsfargo--com--9549329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.131.129200 OK 175 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with no line terminators
Hash 2a8499864096f2fbf6f2081387782670
e0ef0d7ef9feb08eeb609ebd7fe5155d0b3118b0
91c6e292c2ce48958982136461adc022a233eabc39ac90621aceb5441e4550bf
Analyzer Verdict Alert fortinet Phishing
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Content-Type: multipart/form-data; boundary=---------------------------270628087121346404183866330943
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Content-Length: 171
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; ADRUM_BTa=R:34|g:5c0c1035-bc56-47ed-9dc7-0c3e38a5dc06|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:102; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:1$_ss:1$_st:1670337587545$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=638434692; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=T3BWc0nTvGggN5c9HFTXh7YQhZmf4s68CmiOgpLo7%2fBzQsCVbnqepv%2f46CVGEQOR; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:48 GMT;Httponly; Secure
_abck=7DCFB7512CE7B908C33E84D83F56E335~-1~YAAQJmgRYLEYXsaEAQAAcnbF5wlKfUKCwDhRiROwMwLGxreBxH/hdgN5yurp0RpaViRTFpQIbVOvXRrjK0rI6LG8yvOgHOZHCzHCacKLuIxAGrEL6AbGsostj8GNwsBzKu62+RQtEwlpLZbLAbHI9+ReRXjfJMBg5quN0ZfrsMSL7jAMpMleCz1ssG1IFPsPR2AD6tQlSsKn0lAu4x1HuXymL+MyVjGdLnv9qHXE8vPvI5I1pjAB1T2Upb+nxSZJMRSKrORh3ZqPFQNeU+tGb925Z1hpz56SuPOBIzsrup9uk9nYgpICxpgcK5hP6BsCuN9N5UIWxtIvf0qXmAe0lV7TyiHy4LGmkm8efIC8gWQiTZDQtfaBPCQ+yLS+UyahZA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:48 GMT; Max-Age=31536000; Secure
bm_sz=9F2A1BF58F1AB53D96C1885B728109BD~YAAQJmgRYLIYXsaEAQAAcnbF5xJtDIVylv7JBU22utThkeWZ1NxR2O2oElI3XOU0+CIsKjn2M8VSPw4BuXwJRl5UEcc+EwCCBTTrQWyvxF+kbGJa8kl3EbVO++JYcWEvExkhf++Orzi8DBtQdHxYj101+V2EXMkPTYG6qk8rs9bRgZbvrulN2MVfrYOgMuq8NfS0EDO9VerrOmP/JPeI29BCsgaLNMH1EuakVqKDuHvj9mNo1uZK60xRQvH2cL4cxpxAnhfDlq5YbUpkRP5TL/XLX88gWdiLoqOydoNq4Y2FcwLygczf~4405046~3359557; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:48 GMT; Max-Age=14400
X-Via: 1.1 bl21:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2c_bl21_19789-59419
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a97c490a5f57669e4779f159c4dc7c2e
a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc
440bae73a0f989f36ec69b72d2cd21fab3637efc498af4a5e77d74a55ea7fca7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 01:42:53 GMT
Expires: Sun, 11 Dec 2022 01:42:52 GMT
Etag: "a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc"
Cache-Control: max-age=386583,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775599f6f9bdfac8-OSL
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1670335788394
34.252.79.40200 OK 319 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1670335788394
IP 34.252.79.40:0
File type JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Hash 38e8a193609fbba5f425f25e8b4fb6af
f462d9ee727f4c75408d9fa19ea18e7ddcbeb348
e34bc457ea026b6ed0ca230e3542d9b04526c35078c8a49e88ba89557eb08cce
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1670335788394 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 4 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=77125695505171260893162020271265502426; Max-Age=15552000; Expires=Sun, 04 Jun 2023 14:09:48 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: MG2P3IiSRlM=
Content-Length: 319
Connection: keep-alive
api.rlcdn.com/api/identity/idl?pid=1317
34.120.133.55451 Unavailable For Legal Reasons 0 B URL HTTP/2 api.rlcdn.com/api/identity/idl?pid=1317
IP 34.120.133.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/identity/idl?pid=1317 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Tue, 06 Dec 2022 14:09:48 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=77117159524639195783165125946225143497&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202212060609461526812755%011&ts=1670335788650
34.252.79.40200 OK 320 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=77117159524639195783165125946225143497&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202212060609461526812755%011&ts=1670335788650
IP 34.252.79.40:0
File type JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Hash cc6aa8d58090ae21560170ab4e688f40
a8a7a95490b2ea6e75cd2d90174d3a65b65397bf
a9f0c1c1cd61c513927c6a0feb15c6248637e14aa7339da0a6ece63efae4e254
GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=77117159524639195783165125946225143497&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202212060609461526812755%011&ts=1670335788650 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0078884aa.edge-irl1.demdex.com 8 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=63643850122107477420714563636792828915; Max-Age=15552000; Expires=Sun, 04 Jun 2023 14:09:49 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: SKxY2m7YScM=
Content-Length: 320
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a97c490a5f57669e4779f159c4dc7c2e
a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc
440bae73a0f989f36ec69b72d2cd21fab3637efc498af4a5e77d74a55ea7fca7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 01:42:53 GMT
Expires: Sun, 11 Dec 2022 01:42:52 GMT
Etag: "a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc"
Cache-Control: max-age=386583,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775599f7baa7fac8-OSL
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
95.101.10.194200 OK 607 B URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 95.101.10.194:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:46:10 GMT
Vary: Accept-Encoding
ETag: W/"638eacf2-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Content-Length: 607
Date: Tue, 06 Dec 2022 14:09:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=MFY%2ft7%2f7OK3tlOjP11lbfdoscreOXY54jvc3%2fZxF6QQ%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1670335788404
34.248.130.67200 OK 318 B URL HTTP/1.1 wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1670335788404
IP 34.248.130.67:0
File type JSON data\012- , ASCII text, with very long lines (596), with no line terminators
Hash a1615d7f157f0b5982281bc5f69bd58b
a2485ff17ae02a1125065a0c04f85327bc44f7ee
2807460d729dde6e416a31d2c5055975b85c74a8bb155cd2b7f1921f6e6a11b3
POST /event?d_dil_ver=9.5&_ts=1670335788404 HTTP/1.1
Host: wellsfargobankna.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 377
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0a637d725.edge-irl1.demdex.com 6 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=77125695505171260893162020271265502426; Max-Age=15552000; Expires=Sun, 04 Jun 2023 14:09:48 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 2WaIOR38TKI=
Content-Length: 318
Connection: keep-alive
www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/jsLog
163.171.131.129200 OK 0 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/jsLog
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
fortinet Phishing
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 173
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; ADRUM_BTa=R:34|g:5c0c1035-bc56-47ed-9dc7-0c3e38a5dc06|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:102; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:1$_ss:1$_st:1670337587545$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=729842664; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-90716a20-e85a-4af5-95e2-c8e3c4d9fc38' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:34|g:5c0c1035-bc56-47ed-9dc7-0c3e38a5dc06|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:102; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f; Expires=Tue, 06-Dec-2022 14:10:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Tue, 06-Dec-2022 14:10:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Tue, 06-Dec-2022 14:10:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=C36074A42EDF6FB4384527694BFF3672; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Wed, 06-Dec-2023 14:09:48 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120221206060948551986307; domain=.wellsfargo.com; path=/; expires=3 Dec 2032 14:09:48 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:34|i:206915; Expires=Tue, 06-Dec-2022 14:10:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206915|e:2; Expires=Tue, 06-Dec-2022 14:10:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206915|e:2|d:0; Expires=Tue, 06-Dec-2022 14:10:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
DCID=%2fOjqlyFgvqWuHpYFfZUmq2MCNagi2ThVvtI%2friJzNbvD5f24uEUfhlWeJLOtqhsB; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:48 GMT;Httponly; Secure
_abck=FE0B6A702DCB9BAD63857A7AE22AE07A~-1~YAAQJmgRYMkYXsaEAQAA4XfF5wmRQViT1qCNh6Cy1IE+IjzUovvUdngWZDZ+zTh7WYB+RBRdyQsqPhEKtKmlpSl9Wm7a3LKoF4Za2cliE8Q0A84C24tRZ9mwZ8emT+myGh9CzhTkG/HQn/WBDjBbr+ORpN32MalPqNTcy+3loH6CzAietMh3MpTWD+mjkOKQ7hffyPlvN6EHJgHZGce2aUj8KlJbVg2CIatjfD+NF5rop95n+yMLomZHGf9KAIH5XDyvHOm5HEuGoLfGX9/GkE4sKYxnPkw0fq26o1Utkphbe4kNrz6spvePVsLemTaLtXOxIUuwNLs3plK5b1okzR72H8SXcLVVWzMkWvKdhYWCtGC2BB3BY72RS5yOGgEEDw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:49 GMT; Max-Age=31536000; Secure
bm_sz=26BDEAEAB67E922AF623AA1676C2E48F~YAAQJmgRYMoYXsaEAQAA4XfF5xJXtcLasfAhGoTfffHu1ygVDbpHzXlGLiNfw45gr2lDfepQjRdI8FB0AIu2QsTuveK0PuXXD4K3DpR8dOCuUemxNcPOhjSrEAQSHNwjqxw3JJG55keKKp/rtdgHM9oyQH5b1nqUQ2VqXdZjVihKrY6MPRu/Nhq/g8d4oNU21VS+/AuHcCNHdPJWgg+3UQId+2J3qdRg6gWhWRr+UV+6I+aC4qllk+YQcqh92XTvVdcWWtM61X0OVB7FoNne60WUoz5cs/iQXpTXRsNWjOjZyhpx7fB0~4405046~3359557; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:48 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl22:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2c_bl21_19789-59455
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=kDoZNd%2fYwnjR%2f0KZKwe2NQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=19XrW+hWzLxPQgeMWAVuyQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nLKHqAzbF96sNdyZuAIQMg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54296ba5d9ad3f6d6c3f2ccdbc0e36dc
e236ba37d6955c1e2d2f4584e4fdf9b3ca2a2193
41a297c65a47785d689ed443b97167b020a4c97852ecb19b543eada6655462b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103522
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Etag: "638e3e8f-1d7"
Expires: Wed, 07 Dec 2022 18:55:11 GMT
Last-Modified: Mon, 05 Dec 2022 18:55:11 GMT
Server: nginx
Content-Length: 471
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124%3A0&_cls_v=55a34900-121a-42fe-8199-e85850716779&pv=2&f_cls_s=true
95.101.10.203200 OK 76 B URL HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124%3A0&_cls_v=55a34900-121a-42fe-8199-e85850716779&pv=2&f_cls_s=true
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 95176bde7773f387864d01467c4992f3
12a6d1faf948e59e749d8cd570b09d36424eb562
7de6186be79df34faea0c5fca6a72bfbd13da6b32e173d44fcc4ff70882bcc44
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124%3A0&_cls_v=55a34900-121a-42fe-8199-e85850716779&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Set-Cookie: _cls_v=55a34900-121a-42fe-8199-e85850716779; Secure; SameSite=None;HttpOnly;Secure
_cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!sO8ykv3GAqWGe4LjbMKMZ0gdoDa2ecdtE/6tyocj5h1x9tn6l/Gh+1LQk633P8V8H+B1/MupM9qCKkQ=; path=/; Httponly; Secure
DCID=+IMVfeqKRVSymfkNcSdEoyahIKr+JMpnL7nmta3sLrQ%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335788961&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335788961&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335788961&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; ADRUM_BTa=R:34|g:5c0c1035-bc56-47ed-9dc7-0c3e38a5dc06|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:102; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ydJQpjrAKgfeRlkKBS7PaiVP2cUhh0In289POHI69k%2fi7+9pFB6tOaXh0N2FAPHz; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_20387-64674
tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
8.39.193.5200 OK 266 B URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a671bc4e541aadc71fd7812d93af15e7
3b8c76ac113e54f3d413e09807f3661c72d0f6b5
ef16255038c7c5847295c3c434243418d898b7b40a9095aeeb65e3ddb7579383
GET /tagserver/nuanceChat.html?UUID=WF_10006005 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+6ZNxP/6RTk"
Last-Modified: Wed, 09 Nov 2022 03:49:47 GMT
Accept-Ranges: bytes
Content-Type: text/html; charset=utf-8
Content-Length: 266
Date: Tue, 06 Dec 2022 14:09:49 GMT
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 43 B URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Xs0hMIoQIGovSCzbg3AYsg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789050&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789050&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789050&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=5hU5Tt22rg1D1ujhbcU0brx0GuQAzEZh5aCr6bC8oAgTay5ZEZCpqMrlTC+jnand; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19807-32402
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789056&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789056&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789056&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=%2fi9UL+VMXzPnsqLJnld3Kx%2ffpprnPQ%2fu20IqCaWCsgqJ5LqsPVHeuE4eCMiI+LqT; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19503-63054
static.wellsfargo.com/tracking/ga/ga.js
23.36.79.26200 OK 20 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (49163)
Hash d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b
GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=NQ+6rBd2dDe4tVF5Nz68dw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
23.36.79.26200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (35846)
Hash 42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=j1sVKIEL%2flP1Q%2fvSzeZFew%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7516496867637734
95.101.10.194200 OK 56 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7516496867637734
IP 95.101.10.194:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 248887e05e8ba6d71be4fededfe43fd3
88f65e87432d71dc6c2f8eee0dd8b12c962edd3b
6f50244abd3aecb22cae6804d0c872d2a897ac46bdd1abe4ae7fad7928e417b4
GET /AIDO/mint.js?dt=login&r=0.7516496867637734 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 55570
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=QzsOuuYfsj%2fJoyO6gblxIOwJ5HxZZ7Oh%2fmj+RdZLqVg%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789063&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-253803-16%7Etcm%3A91-223657-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789063&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-253803-16%7Etcm%3A91-223657-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789063&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-253803-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=HGbHYzvkqX1moemxCHbu9eew0hY+IJxbsUDNBMtGVx1hnMWmziLmPfs7qxAfVmxY; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_20387-64696
www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.131.129200 OK 974 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with very long lines (2442), with no line terminators
Hash e1b86aefa07f1422612e9bb237520d56
89414ca67b28a2740a6ad67484c0b66deed9b2bc
b9a824cacdbcc040dd91172a2d289d282d4823cb4fb7a2a99ef8c721d3c0dc9c
Analyzer Verdict Alert fortinet Phishing
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Content-Type: application/json
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Content-Length: 269
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 974
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-102c391b-dabe-4ea7-babb-31743103bc13' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206915|e:2|d:0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:d4c72ae7-0e28-4ca5-93dd-388647ad77d0; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:d4c72ae7-0e28-4ca5-93dd-388647ad77d0|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:102; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=69371B3A06427ED2A2E196B05B25533C; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Wed, 06-Dec-2023 14:09:49 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120221206060949345848729; domain=.wellsfargo.com; path=/; expires=3 Dec 2032 14:09:49 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=q7ymOfuxbLQ7IwlXqV+ShB0estAaxVmphljQNhmBas9RXVr0bhRAmwVgPp9oJeCN; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
_abck=BAC4D1A1A792E1DAE07A3986041DD30C~-1~YAAQJmgRYN4YXsaEAQAAp3nF5wngF7BC9TkoOSUUyZbT6OkMuT6G7fgJ5VlPElUyeuIovqWgaNRVpZ9P/gNtu6DByURUPtLBEKKl06S5a35JPjicLMpWePvxHBkVazhELSU6Fr9bVX5muzSfOuBMjO3qHYA7Li7sJdBUmxJy1pQ2bdDadoo0U3kG1L5zFIPafDRsTWhuHZfwVwHzPbMCuNVpxbS4lDSsqD1UnU3lL6mBGciwxHxhg00x1iXXs20Bi/9iXsoxgy+trJxHWh9q97jRmq32EwNbAnQxjeGG3G9m4RqnkekDxlg7CKRJNNvRWJm1KbuzTFa511fhprbxq3FSRYwUdriHFt49jd2nBZBbDEnoy1aqTgNXO53Y5jxFsw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:49 GMT; Max-Age=31536000; Secure
bm_sz=FB1B6520B656923F15D4462AF85ED637~YAAQJmgRYN8YXsaEAQAAp3nF5xK0QH42IxirURDpm4yinkaiduz1aotSxm7FIvmVFinnoS5ZbtFMbEVPBtF0WZNFFMTpvwHoAkAwYBt6K/1wa2d2iuJjsIHNI8lon+jWWRGNsc9/F9bZHOQCORpR9B3zliuamjgmpHO6eMoQXJDRVfOfy28eKbkqDh9lCBNsAS+gAjGyIcaIGWZl39tzspkTqG94Gl6cJ689bZduZPxfldUQCGj+2xWHYQw1CjoiZJyiu3M+8volSRdYLe4qzTz77+1BAKlpiEW0WFMszQip6nCoRXJS~3485745~3425848; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:49 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19789-59482
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.05707413978864917
95.101.10.194200 OK 42 kB URL HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.05707413978864917
IP 95.101.10.194:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 68345fc0cd2c9e5a6790b3c52aa96b21
221ec5f5a7fb021849de87eb422f724958f30514
5dc56a80216649c0db5c9707da26d65886a83605f24d75804b978b535b2181fe
GET /PIDO/pic.js?r=0.05707413978864917 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 42450
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Wluuw7L4l%2f7a%2fRUxEp6YxkTNz0WOOt3TPaMiQE6%2fVgWw3W46QKyVGZKw3j9%2fHDSe; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 82dc811a8b106183fe1a3c92caca7a67
6f91d328a356a18d85a192a057f8bb0f12bd310d
618addad95581f04d48245ca12062d5b959e236b7fbf12d4966471abb4b1e834
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.131.129200 OK 976 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with very long lines (2453), with no line terminators
Hash a36f895e151cbd9b3f51b9e7f744439b
7bb051085f90abd57f2ee0296169f3ef98853d79
c9dffc948543d0d57bf3f6c9ede4127f80c84cf7ee9b469b4db8f5de88de163e
Analyzer Verdict Alert fortinet Phishing
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Content-Type: application/json
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Content-Length: 278
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 976
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-86539d62-c668-41f1-9e77-618785c3df99' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206915|e:2|d:0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:130edd73-5950-4a9a-98a3-061a14c332e2; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:130edd73-5950-4a9a-98a3-061a14c332e2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:102; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=06EA1A804AF1327955D9C4C9E1FF3A1A; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Wed, 06-Dec-2023 14:09:49 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202212060609491166187567; domain=.wellsfargo.com; path=/; expires=3 Dec 2032 14:09:49 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=vqanc7iwhSHjIrjhdH3JxPI%2fd4Z4fjYmY4WbSMliDus%3d; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
_abck=FC56F0F7411E9DB197F8E6B7981AEBFF~-1~YAAQHWgRYJIDnYmEAQAAyHnF5wlR0CoTJ4OIJi3vsGrpKn5b+/5qS+GLrW6NBGK/fOQDg0iMIcC/e10zOB48QGk6hCBQEjD2NXe/cautup8RF6oqnhjsG2kkV2ItDryzP9OLUycUwaOO5vA2djAwnFwHlfBlAVzfbXDaIHm/DDHFEuC/I3GDA0KhXMvTV4gLPeTn2HyRWXK5k8Yyr/VpXi/wfYIgQDuBSdMOlv6CD/xDNkdCBt5RTlqzysby01QPaFIf73uHSixyxDd6+eHiDAq34cGavvRJdW/IDZxydBGV9w3yE2YMef9k+yRLQK20M+cdt0UlD9CRJDDzY0Vev0zJm/URtDf5F0xhppQxIVbBzXDZtEqzYPRttONTrpueHw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:49 GMT; Max-Age=31536000; Secure
bm_sz=A6AAB0BD935AFA66229CDD30DA07C3FE~YAAQHWgRYJMDnYmEAQAAyHnF5xLhhESHr07BXbEYUPn/vuhzdlHWixdTmCyPpOwYi6QkiNCtOPWyYB8uan2NcOMavLQM9zH68majb63sDy4rbd4gdaC+v9Ft2VJQfOfulrwnIt4Avh8r+QcIeaK1ZNrVIuQleg0kGYO5hAB1wCZT5h2+zmOnA9cwX5fARC+N9xTygQEoM/MDIOXLDtHBNTBfOn1ocKlx5G1SfNXrtHJtd1zxvjUxykEEhLrPIm4a+3Y3csGhEw4RisbjejdoM2EstDCjDvNozMDDZdAIzcOga0M3kWob~3485745~3425848; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:49 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19613-61557
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789073&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789073&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789073&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=vmUV+8sQbWu6sfJMsIFve+kPKIcdpJi9ToPxAHGoVWO+YpRRTuwC6b60pQ4056vV; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19807-32416
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789067&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbcashflowrsvp_bishpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-253803-16%7Etcm%3A91-223657-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789067&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbcashflowrsvp_bishpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-253803-16%7Etcm%3A91-223657-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789067&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbcashflowrsvp_bishpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-253803-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=AHOH6QM6EcSBzoMSDIIZElabvYzXYyi7hBjRJ0yMt6Ivd+URncy730V9FAu10lNE; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19807-32415
2549153.fls.doubleclick.net/activityi;src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F?
142.250.74.134200 OK 318 B URL HTTP/2 2549153.fls.doubleclick.net/activityi;src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (556), with no line terminators
Hash fd22f7e0c0d18cee1aad18b610cb9d0e
450db6198eedc9cf83e5dfac3ee7aa821a2ea998
927ba331ef1aa3c412d65a7c66711dfe7ac15df061279824c83fd6cb6f58cb6f
GET /activityi;src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F? HTTP/1.1
Host: 2549153.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 14:09:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 318
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 14:24:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789083&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789083&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789083&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=bbwhON5Yu9IIXe9LEly3g90VOhGpcdRhTyDwgrtGPNjijrz7PpJkgKT7VpXVCurh; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_20387-64717
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789089&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789089&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789089&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=%2fuCXtz1IxuSDOXY17gLYHgPPVU7AFXkQ%2fj1U%2fpCMwyvaQv6aKb568VZ8CuVx1YJz; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19789-59518
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 82dc811a8b106183fe1a3c92caca7a67
6f91d328a356a18d85a192a057f8bb0f12bd310d
618addad95581f04d48245ca12062d5b959e236b7fbf12d4966471abb4b1e834
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789094&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789094&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789094&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Y5FteSHx2zNkZIs07OrKERLi6Y5JOk9sOVZWMqxD4tikTcQcJKJQkn6L5rT1jfwG; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19613-61588
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.52B103&_cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0&_cls_v=55a34900-121a-42fe-8199-e85850716779&pid=864fd5b4-09f6-443c-9329-4cb6ba0ead11&sn=1&cfg&pv=2&aid=
95.101.10.203200 OK 969 B URL HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.52B103&_cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0&_cls_v=55a34900-121a-42fe-8199-e85850716779&pid=864fd5b4-09f6-443c-9329-4cb6ba0ead11&sn=1&cfg&pv=2&aid=
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4597), with no line terminators
Hash f3f62861b191c56cac5d3ad0d5f43e0f
95de5c861ffe75480dd901b006e741a9c5c17680
112a55e6868ee09689b2963f15f03e7eb471623b9c3f8947912a785a70ae5ff4
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.52B103&_cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0&_cls_v=55a34900-121a-42fe-8199-e85850716779&pid=864fd5b4-09f6-443c-9329-4cb6ba0ead11&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2941
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Cookie: _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 969
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=18d2c6f2; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!oA0EZ7YlsRZxaBvNm6glvWWF2ZIYlVjQUaCvsjSiRHUqf9JQ6QXAXnzmGyUiPicePV2Se+vMmaMnTw==; path=/; Httponly; Secure
DCID=GW7Ag4OdWe3DHCABj1jVoa9%2fZHmJCWf4U1byn5qV9iJxD4f8zTa+aRJWCr25jU0F; Domain=rubicon.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=497246017&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=820531521&gjid=1944370939&cid=1779321474.1670335790&tid=UA-107148943-1&_gid=1847571364.1670335790&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202212060609461526812755&cd12=BROWSER&cd22=hp&cd23=4.48.0>m=2ou8g0&cd35=1779321474.1670335790&z=2074813404
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=497246017&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=820531521&gjid=1944370939&cid=1779321474.1670335790&tid=UA-107148943-1&_gid=1847571364.1670335790&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202212060609461526812755&cd12=BROWSER&cd22=hp&cd23=4.48.0>m=2ou8g0&cd35=1779321474.1670335790&z=2074813404
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j92&aip=1&a=497246017&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=820531521&gjid=1944370939&cid=1779321474.1670335790&tid=UA-107148943-1&_gid=1847571364.1670335790&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202212060609461526812755&cd12=BROWSER&cd22=hp&cd23=4.48.0>m=2ou8g0&cd35=1779321474.1670335790&z=2074813404 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
date: Tue, 06 Dec 2022 14:09:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789105&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789105&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1670335789105&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=C+C5Npr7farfZdGuhJEG9A22A0sPYOG4qcS4QsQupH1mxf31E2hP59eMiDCG1DEm; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19807-32430
static.wellsfargo.com/tracking/ga/ec.js
23.36.79.26200 OK 1.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ec.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2771)
Hash 8a1d22ba0de1104dcdc02a582b407ed2
e4d90fd13a73c7379c46b197ded523a5d33c69b9
4a44a1a7efd65360f31e0b1842ad06b7fedc7c0373c69c0077c696cd49cc35de
GET /tracking/ga/ec.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=LkdAL6sRYExmuYYocyDelg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
8.39.193.5200 OK 5.9 kB URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
Hash 0ceb2e3aaf3130b64517eee5e5583179
49fb8fbb16b1585e19a8911f59cd7ea234c5b607
9d486489da6c1ff7c439641bc384a2e0c9e4da32c2ab73f71d1fffc4bacefc5b
GET /tagserver/frame-bridge.js HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+YmUhczVC0A"
Last-Modified: Wed, 09 Nov 2022 03:49:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 5926
Date: Tue, 06 Dec 2022 14:09:49 GMT
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789100&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789100&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789100&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=WC704nXLkGakKA+2zMgDD51JDWz78LClQwtArygebSMhxNXGWo64FfGjuhJTbjx2; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19807-32428
www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789118&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789118&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1670335789118&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4 HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; ADRUM_BTa=R:34|g:9f6b2c50-978e-4b37-a186-6584ef39af0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206915|e:2|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Mon, 05 Dec 2022 14:09:49 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=tdt%2fwwPxGOy5bfWwBEwZhgThp1C2HwAigwNi%2fCIOxaSUJ0aNrWjLGq7SYdwsyCHI; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2d_bl21_19503-63126
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&gjid=1944370939&_gid=1847571364.1670335790&_u=4GBACUAKBAAAAC~&z=596227371
108.177.14.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&gjid=1944370939&_gid=1847571364.1670335790&_u=4GBACUAKBAAAAC~&z=596227371
IP 108.177.14.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&gjid=1944370939&_gid=1847571364.1670335790&_u=4GBACUAKBAAAAC~&z=596227371 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 14:09:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/jenny/nd
95.101.10.194200 OK 17 kB URL HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 95.101.10.194:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2285)
Hash 31f3b6112191a93f37df177646c0ac09
0e660042436223af620526a5ff26de17340dca6b
5ffb7a35299f57fb5dc509f7683557d8dbfe3bdae0acf4716b67b685ace5209b
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17051
Date: Tue, 06 Dec 2022 14:09:49 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:347ce652-7338-4f42-8814-6d24c020d170; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:347ce652-7338-4f42-8814-6d24c020d170|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure
SameSite=None; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:2; Expires=Tue, 06-Dec-2022 14:10:19 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=fbd9cBvobmtWS3pPo6gRr3r1CCgoF39PDk6VeAmzxmg%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:49 GMT;Httponly; Secure
_abck=A400C694B44C3C9F15F03E6985D943FD~-1~YAAQvgplX07IHIyEAQAAdnvF5wmEBgCMrt0S8g6Sw+WSy12G81QoOiVovpr18uZREiROeZzu25Jh1IsaSvL9CqEfT65zE0BJvDtAR/IA8eeh4BWP2b7d2DGA97RHUZOeN/Q1JDSeKE73zPkU+hH1t6+ezS5OfVQiVZVNgfDjptPjK5lKIOpQy9h2a1htwgnU4Ybzx/yvn9j0WbeT1oeYoUNn3aJtzSK424ztE/7v8oodBpEfuHO2ON8vx1pmvnijGROIIo48QYm5yMDKmhU3XgJkezRpPiKNqPicMAUx24mB+3coOTrWBOtgEec7TOxomL1KHbtUSALXWBoPwnN44msbZl1WuP64mCqzzU0vXrkTopC61CXVWbMAm89msjILDQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:49 GMT; Max-Age=31536000; Secure
bm_sz=1A13E95972D2A8F78219EEE8D43F2DB1~YAAQvgplX0/IHIyEAQAAdnvF5xIGgwWLGl+mV8zNL8V5r/Nlc3QZRAKyt7LDpjvO7iQPg/CgNKoHkTxJoUd3VWnJGBZ0K8InYN0NZiljMdsXSMPcBg86IR9kdx1WDOG6js+1TnZcIx0gAHe6PofhdoiyY7vMUgjZ24nomRnLCbZd3daGmcUEh+dlcaxVcCp8nE6AHsjm1VVjTVC2prxKeiUWkEfFHhMKkNre4soN6XaspqCmSHjmSblWQ3HM8J6wZgwM4gwK43U4fAJDPhQmM4jxbquJyDrqIEjKXCsvj6PQxMFseGQb~3621171~4339766; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:49 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
142.250.74.34200 OK 318 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (555), with no line terminators
Hash 40cd22b1873bdda5ec96c3172b7b20ce
4b856ae12636b443ea2ab4176cec40f1a3b2ea0d
416c0b6c4696e5b38ff9eb3c5381981f9d879763223f8313f558724b20e96ef0
GET /ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2549153.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 14:09:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
8.39.193.5200 OK 2.0 kB URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
File type ASCII text, with very long lines (1087)
Hash db767c3f8b28936b033b16eaaf7b8a5a
989c393cf3f0651fd9b866b8ed7e1a4e853307c4
c6ab54c548bdcc5af75db476c8e17a20e5c2aa33d34559663d9817b6ec9f665e
GET /chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: no-cache
ETag: "DKis/LFNPJm"
Last-Modified: Wed, 09 Nov 2022 05:25:13 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2008
Date: Tue, 06 Dec 2022 14:09:50 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash da99a2b4661e2adc71782ed838797be6
808f9f02f70ccdfdbb8e0e3dfbe143dd232b175a
74b6a569e4149ebe2f87c5c916f1086a2704475aa30dd5353bce89e721137476
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4108
Cache-Control: max-age=98648
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:50 GMT
Etag: "638e1b7a-1d7"
Expires: Wed, 07 Dec 2022 17:33:58 GMT
Last-Modified: Mon, 05 Dec 2022 16:25:30 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash da99a2b4661e2adc71782ed838797be6
808f9f02f70ccdfdbb8e0e3dfbe143dd232b175a
74b6a569e4149ebe2f87c5c916f1086a2704475aa30dd5353bce89e721137476
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4108
Cache-Control: max-age=98648
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:50 GMT
Etag: "638e1b7a-1d7"
Expires: Wed, 07 Dec 2022 17:33:58 GMT
Last-Modified: Mon, 05 Dec 2022 16:25:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
connect.secure.wellsfargo.com/AIDO/glu.js
95.101.10.194200 OK 37 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 95.101.10.194:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 010d567efc6ae81f6981086fa6f88ee0
079f7ccaf0469709d22b777d6b78a3ebcd362673
83873acf7c8f19831257dbaf9fd349331a9495a90bebb5167f1b4e69f3a4f714
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37020
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 14:09:50 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=7WBuNY3YCUJPFPHkbBQjAzmO+3knsjwAe4WSsTlkntw%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
adservice.google.no/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
216.58.211.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=1448069401345;gtm=2od8g0;auiddc=915232984.1670335789;u1=11202212060609461526812755;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 14:09:50 GMT
expires: Tue, 06 Dec 2022 14:09:50 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www--wellsfargo--com--9549329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.131.129200 OK 206 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with no line terminators
Hash dacaff8164129c33a5aa2d96f4772be9
c792449dfd614e09f7859d136c6e07b6446e24f0
e02810362336211d4351420356ce3c6af8891793d77272caf51e0bd68cca06d0
Analyzer Verdict Alert fortinet Phishing
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2024
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=767159819; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; _gcl_au=1.1.915232984.1670335789; ADRUM_BTa=R:34|g:130edd73-5950-4a9a-98a3-061a14c332e2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:102; _ga=GA1.2.1779321474.1670335790; _gid=GA1.2.1847571364.1670335790; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiOHZzOEI3bGI0UEViSFdYb3ZXa1UwQT09IiwiZSI6IkRRdnpHNjZMK2paTkl5c1ZZajVpaUcrY09OWUVHbDN2WkdxaW80V1Q5T3prVFJhcG1rVHpmeERhalFEYTdOczJHSE5ibW5xOURCYkROaGZEbTRaaVlTbDFSeGxcLzd4RHYyWGlUeDRCMHZqRnlSM29tTzBxK1dkWllONjJrWkRaKzBhRjk1NHFSTEVRZ3c1ekpmaHEwcnc9PSJ9.4844517e573ec3a0.ZWRiOTZlMTc5NTUwZWE0NWEwZTA1OTM4NTA2ZGU2OTA1MjZmZmFjNDU1NzUyYzZkYjIxZWJiOGY4OGM0N2U0ZA%3D%3D; ndsid=ndsagsca64t8zcqlbcasw4t
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 206
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
x-envoy-upstream-service-time: 25
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=WW%2fqCVb7sEW5zdK5gOkOTAQv7+6lD8N7cjgwZlYv28D9IsWOA7z2oPNTgV84IL0N; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:50 GMT;Httponly; Secure
_abck=CE6E8ABC9DD18F3BE98A78F7F81DC8BC~-1~YAAQJmgRYBkZXsaEAQAApX/F5wkM9OLG4amCHot7W9lXK1cNfsgClSvKylpMuOqUObXJlFUe5cspmrnV85sdnR5BP1D0rvZdjjrmRD47JyH8KDASvAfZUfShXQqU70r0OdkTU2LDDxgSKnkqAHr72CtsHHhQuRjdREhIrCoMFkfBKU7tU9vXZs9Znrcc3a4LnSwkLQQ0m40kFafi7y+YWRrV/wyDUqPRCQUBiu0VYd+Lz1pINCuuisAyf8fXlzj0K2R30ETUY1EnNXGnq7ClTt17lL7FzkHRc0anHN1NrPW0WiHz5XUt3UEX9Cpwq/lYvFuCk8jkvpHduHWTzCfGxEhEt8IRPkksZVQGQe2qvrloKRLORczGHsgxFcRwVz9/gg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:51 GMT; Max-Age=31536000; Secure
bm_sz=1DC3CBCB79CA461CF77A7EC8059F5F13~YAAQJmgRYBoZXsaEAQAApX/F5xKmpsOXSDD06XKig7vgpLmeAKSTMrfgxv7wDpOzql74qwYppKxWB+5tfvbo8UmFYvUlgxweZGr+vP9Q2iqacKiZWkMyG4bEdO94xapjIYjrVVY0bqk/+vjbEhmxDUKaJ3a9iYYhnUYaiOekZd7LTO1+fJ/HAo3hAekRbVXafkIc4qbO8uCNwPxJ0nlrcW/h12+eSNA8DeY4YAs7ep107wNrqqNUiogImtb2pLxmnLAmT7dfcuZCTQwR4JujWzrdCx6LM4jt/q4L66oCWr/5mc4hJDXz~3491382~4473158; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:50 GMT; Max-Age=14399
X-Via: 1.1 bl22:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2e_bl21_19789-59647
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBhTlpaZzBxZERKUkRJWG1ZaTErdmgvQkh2alRPbUVMR2xQbUg5dzc3NHhDSGtDRnhOdWZCWitEN0tQaWFuYlJNMmlQUnhvQjdBYkNiNmNoQUREREtiV054cFcrMHAwdHFVWkNCcEdkWVB5SEtlQ2xjTkIxYlRMUXBqeEUySkE5SGNpTlVkVWVzSUJjbGRNOEJGRjZ2eWJYMG5yWXcxbWhXallDMm5TYXd5SE11aFVzSEg1Q3lvMmlCM3FwUlgvZlBXLzlwQ2prM1lPR2k2TmhqZ2RxRlRXSGluSTFERVowWGxUbWsrQlFNSCtGbDg4cFc1Qk00Mzg4TiszL3drWWptcm9WTzJMTjdBQ0VDbGM2cnNaanA2TXJ4T2VXaFhUQ29wMzRWZUNFeTdHT2p1Uk5jZHhXU1V1SVJaYnFBSHJtcEIyQW1YdHR5a2Y4ZGFJQ2lOLzdwaDdDcWU4ckk5VldTekxJOGR1WUFnQ0hvZ1poMVNtaHU1eThVai94RXl4NFVQeEZTbTBUWFNZbldGTGRGMWtheUV5OFp8ZWIzZWVkNmY1Y2E0ZjQ4YjMyN2U2MzNjYTViZmNhMWQ2N2U1OTAzMzQ2YmM4YWVhZDdjZWJmMDZhMDRhYjVlYmY2OTQzMWY0MTUxYjU0M2NhYjY2Y2MwZjUzZDg2YzI4NWNlNzEwNzIxYjJhMDc2ZmNhNjQzZjFmNjc0YmJlMTlmN2Q3NWE4N2JjZTc3NmE3ZjFlNDk5YTYwZmI5ZmJhOGEyMzM1MDkxMGU4Yjk4ZDEwYTE5OWZhZTg5ZmRjNDJjNWZjNmE5MDA0MzdkOThjNzk4Mjg5NjE1M2QxZDAxYjlkYjNmNzVjYTBhZjg3NmM4OTY0YWEwYjZkNTlhOWVlMGE2ZWRjY2ZhYTkwMTUxYmJlMTRiYzRhOWU3YzhiOTY0NmM3OGUxOTAwNzAzNGNhOWYwN2E5NmQ3YWIwODk0MWVjY2ZjZWY0MjUzNzVmMmRiYjVjMWY5YjA2M2VkNjNjMjYxMmE2ZTYzNDgyNjJjZGZkNmEzMjgyNzdmMjExODllYjA1OWU1NDhjODhkMjk0NDg2MTQ4Y2VjYjQ2MDJlODBkZjI1OGJkM2U3ZGE4NGQwMWYxYjMwNWI3ZjUyZmViZDRkOTBhYTE4MDFmMDExNjIzY2I1MTc4Y2RhOTExOTcxM2E2Y2VlOWIwOGE1MzEzZjA3Zjc3YTFlZmQyYjZmNmV8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com&t=jsonp&c=fvnlgvzybphlwo_t&eu=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
95.101.10.194200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBhTlpaZzBxZERKUkRJWG1ZaTErdmgvQkh2alRPbUVMR2xQbUg5dzc3NHhDSGtDRnhOdWZCWitEN0tQaWFuYlJNMmlQUnhvQjdBYkNiNmNoQUREREtiV054cFcrMHAwdHFVWkNCcEdkWVB5SEtlQ2xjTkIxYlRMUXBqeEUySkE5SGNpTlVkVWVzSUJjbGRNOEJGRjZ2eWJYMG5yWXcxbWhXallDMm5TYXd5SE11aFVzSEg1Q3lvMmlCM3FwUlgvZlBXLzlwQ2prM1lPR2k2TmhqZ2RxRlRXSGluSTFERVowWGxUbWsrQlFNSCtGbDg4cFc1Qk00Mzg4TiszL3drWWptcm9WTzJMTjdBQ0VDbGM2cnNaanA2TXJ4T2VXaFhUQ29wMzRWZUNFeTdHT2p1Uk5jZHhXU1V1SVJaYnFBSHJtcEIyQW1YdHR5a2Y4ZGFJQ2lOLzdwaDdDcWU4ckk5VldTekxJOGR1WUFnQ0hvZ1poMVNtaHU1eThVai94RXl4NFVQeEZTbTBUWFNZbldGTGRGMWtheUV5OFp8ZWIzZWVkNmY1Y2E0ZjQ4YjMyN2U2MzNjYTViZmNhMWQ2N2U1OTAzMzQ2YmM4YWVhZDdjZWJmMDZhMDRhYjVlYmY2OTQzMWY0MTUxYjU0M2NhYjY2Y2MwZjUzZDg2YzI4NWNlNzEwNzIxYjJhMDc2ZmNhNjQzZjFmNjc0YmJlMTlmN2Q3NWE4N2JjZTc3NmE3ZjFlNDk5YTYwZmI5ZmJhOGEyMzM1MDkxMGU4Yjk4ZDEwYTE5OWZhZTg5ZmRjNDJjNWZjNmE5MDA0MzdkOThjNzk4Mjg5NjE1M2QxZDAxYjlkYjNmNzVjYTBhZjg3NmM4OTY0YWEwYjZkNTlhOWVlMGE2ZWRjY2ZhYTkwMTUxYmJlMTRiYzRhOWU3YzhiOTY0NmM3OGUxOTAwNzAzNGNhOWYwN2E5NmQ3YWIwODk0MWVjY2ZjZWY0MjUzNzVmMmRiYjVjMWY5YjA2M2VkNjNjMjYxMmE2ZTYzNDgyNjJjZGZkNmEzMjgyNzdmMjExODllYjA1OWU1NDhjODhkMjk0NDg2MTQ4Y2VjYjQ2MDJlODBkZjI1OGJkM2U3ZGE4NGQwMWYxYjMwNWI3ZjUyZmViZDRkOTBhYTE4MDFmMDExNjIzY2I1MTc4Y2RhOTExOTcxM2E2Y2VlOWIwOGE1MzEzZjA3Zjc3YTFlZmQyYjZmNmV8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com&t=jsonp&c=fvnlgvzybphlwo_t&eu=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP 95.101.10.194:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash b4c075ebbac2fe0efcad0e3a6cea503c
8002d39795644ff5041e32fb5031ffe332031d2a
adc70b122b07d19b7b9c3f43c202b0e9ed0b6345ee5c7f832aeae25234fd5325
GET /AIDO/vyHb?d=ZW5jZEBhTlpaZzBxZERKUkRJWG1ZaTErdmgvQkh2alRPbUVMR2xQbUg5dzc3NHhDSGtDRnhOdWZCWitEN0tQaWFuYlJNMmlQUnhvQjdBYkNiNmNoQUREREtiV054cFcrMHAwdHFVWkNCcEdkWVB5SEtlQ2xjTkIxYlRMUXBqeEUySkE5SGNpTlVkVWVzSUJjbGRNOEJGRjZ2eWJYMG5yWXcxbWhXallDMm5TYXd5SE11aFVzSEg1Q3lvMmlCM3FwUlgvZlBXLzlwQ2prM1lPR2k2TmhqZ2RxRlRXSGluSTFERVowWGxUbWsrQlFNSCtGbDg4cFc1Qk00Mzg4TiszL3drWWptcm9WTzJMTjdBQ0VDbGM2cnNaanA2TXJ4T2VXaFhUQ29wMzRWZUNFeTdHT2p1Uk5jZHhXU1V1SVJaYnFBSHJtcEIyQW1YdHR5a2Y4ZGFJQ2lOLzdwaDdDcWU4ckk5VldTekxJOGR1WUFnQ0hvZ1poMVNtaHU1eThVai94RXl4NFVQeEZTbTBUWFNZbldGTGRGMWtheUV5OFp8ZWIzZWVkNmY1Y2E0ZjQ4YjMyN2U2MzNjYTViZmNhMWQ2N2U1OTAzMzQ2YmM4YWVhZDdjZWJmMDZhMDRhYjVlYmY2OTQzMWY0MTUxYjU0M2NhYjY2Y2MwZjUzZDg2YzI4NWNlNzEwNzIxYjJhMDc2ZmNhNjQzZjFmNjc0YmJlMTlmN2Q3NWE4N2JjZTc3NmE3ZjFlNDk5YTYwZmI5ZmJhOGEyMzM1MDkxMGU4Yjk4ZDEwYTE5OWZhZTg5ZmRjNDJjNWZjNmE5MDA0MzdkOThjNzk4Mjg5NjE1M2QxZDAxYjlkYjNmNzVjYTBhZjg3NmM4OTY0YWEwYjZkNTlhOWVlMGE2ZWRjY2ZhYTkwMTUxYmJlMTRiYzRhOWU3YzhiOTY0NmM3OGUxOTAwNzAzNGNhOWYwN2E5NmQ3YWIwODk0MWVjY2ZjZWY0MjUzNzVmMmRiYjVjMWY5YjA2M2VkNjNjMjYxMmE2ZTYzNDgyNjJjZGZkNmEzMjgyNzdmMjExODllYjA1OWU1NDhjODhkMjk0NDg2MTQ4Y2VjYjQ2MDJlODBkZjI1OGJkM2U3ZGE4NGQwMWYxYjMwNWI3ZjUyZmViZDRkOTBhYTE4MDFmMDExNjIzY2I1MTc4Y2RhOTExOTcxM2E2Y2VlOWIwOGE1MzEzZjA3Zjc3YTFlZmQyYjZmNmV8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com&t=jsonp&c=fvnlgvzybphlwo_t&eu=https%3A%2F%2Fwww--wellsfargo--com--9549329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Tue, 06 Dec 2022 14:09:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=j%2f0l8a+m7DFd6VDcz7Ni10o8pIb4ib+aMEfisI4U6gA%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:50 GMT;Httponly; Secure
_abck=1D4E276EA3879241B8C359DDF9106E13~-1~YAAQvgplX1DIHIyEAQAAvX/F5wkN31mb1OqY53xVvckeosyHgImi4Xqwp/H4MSGXWk85jBgYJcdHKVRqlgKQUbdhyLxjeuq4BsLYh4Tp1V4E23+yLHJqxFqI7jam1zDq3ie3ho7cEfcYRr+hsmvJQNk4LGncMQTamBpC9ivp/vCzNK8yLC2c5KEHnWINabcJDB5fcmO9/xiXHqNHDSPKTsviaVaqK58rclNavX5aiDT1A159DyU7AHgRITEnGyXAVRH5d++U5A4yTV5x974LQouGKKaTKVe5vlDeAh2n2qizMZxFUvcTwIb6JYJfSnhzA1KFryo4aroMsatZ+S2p6Ao39D1iDEPZ9araGEhBBWC99ppBVy+arpDPvbBJ8UYgIQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:51 GMT; Max-Age=31536000; Secure
bm_sz=54C5F4BDC13B9EFB6D3C9CAA595C8F98~YAAQvgplX1HIHIyEAQAAvX/F5xIrVf5X/la1cVoPBE0ygwpJGXC8A0XgueG3rSCIXfHYsEVwcLlmlrvObXqOVEzXkFA2V1+bNEU/qMzx5lin9V1lRZOOIVJIx29NNqIW2zeFULsFbaX0RHIKMXuNfMteQIXv+PES0QA25v8MF3wdwNIjZ1v0+r+m5LjEEa7cNQfwV6Zug/Q9NmihsZprGlYt78HDjUDEis8Mzgu/6CSxkaa4mJTG6lQcoXlqekmOHlia9yIyTLyf/pKlQ/tKKTMXgKNPJ7JT7PAhSI92wNPTCeQ//7/t~3356984~4338758; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:50 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
54.148.145.197200 OK 61 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 54.148.145.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6cea234e98ece6237af6d262ad5f9c1c
cb4a8796ed084f7dd8a9c84a5b0eb6e144f5cb51
6dc3156289f7db61ed812b122efd508a04dc8624ea8ee71da0cd95c452b9975f
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 14:09:50 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1667971496381
8.39.193.5200 OK 2.3 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1667971496381
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
File type ASCII text, with very long lines (7108), with no line terminators
Hash 69248df2e4cd19badf361961108eec5e
86054d9394816797a159f91274bf9c97033a9024
4879bdd8f9d0bd0597e5df3170a4164ca2ca3aaab294b91dd49332db9d36f290
GET /media/launch/sdkChatLoader.min.js?codeVersion=1667971496381 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "6Cu8yUJ1UkL"
Last-Modified: Wed, 09 Nov 2022 03:48:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2292
Date: Tue, 06 Dec 2022 14:09:50 GMT
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
54.148.145.197200 OK 42 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 54.148.145.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11210
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 14:09:50 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:321f33f0-151d-4414-b94f-45d21981f454;Path=/;Expires=Tue, 06-Dec-2022 14:10:20 GMT;Max-Age=30
ADRUM_BTa=R:55|g:321f33f0-151d-4414-b94f-45d21981f454|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Tue, 06-Dec-2022 14:10:20 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Tue, 06-Dec-2022 14:10:20 GMT;Max-Age=30;Secure
ADRUM_BT1=R:55|i:559461;Path=/;Expires=Tue, 06-Dec-2022 14:10:20 GMT;Max-Age=30
ADRUM_BT1=R:55|i:559461|e:15;Path=/;Expires=Tue, 06-Dec-2022 14:10:20 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 14:09:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&_u=4GBACUAKBAAAAC~&z=747835447
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&_u=4GBACUAKBAAAAC~&z=747835447
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&_u=4GBACUAKBAAAAC~&z=747835447 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 14:09:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&_u=4GBACUAKBAAAAC~&z=747835447
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&_u=4GBACUAKBAAAAC~&z=747835447
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1779321474.1670335790&jid=820531521&_u=4GBACUAKBAAAAC~&z=747835447 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 14:09:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1667971496381
8.39.193.5200 OK 32 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1667971496381
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
File type Unicode text, UTF-8 text, with very long lines (59866)
Hash ae63647529d393339b3047ff634e597a
f6d48c440c71eee2228d02e2ccf22e01910db07c
d6c38b7cfe0fc72dfaa43f83aa760b98804f5d28ab6e6a4f95c9f0d649f01c77
GET /media/launch/site_10006005_default_helper.js?codeVersion=1667971496381 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "71AbJaNkxPY"
Last-Modified: Wed, 09 Nov 2022 05:25:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Tue, 06 Dec 2022 14:09:51 GMT
www--wellsfargo--com--9549329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.131.129200 OK 265 B URL HTTP/1.1 www--wellsfargo--com--9549329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with no line terminators
Hash 9dae424c455bf9b294fe99210873bfec
50322657a2aa7c428525ddce79df562522635b41
46af3573f39963cf8bf102d669c0937371dec624dd6bb2908424234358b82572
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--9549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/es/biz/
content-type: text/plain;charset=UTF-8
Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Content-Length: 668
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!MLFp7nMuFDV4qQkCM1DtwKm8Wrr895pFmgM2Fp3foIm98cTfJNrYdFRh1FZrBeEajZKqaDR+y+K6+x4=; utag_main=v_id:0184e7c57218000c5440a76f735d00050003e00900918$_sn:1$_se:2$_ss:0$_st:1670337588844$ses_id:1670335787545%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=921855785; dti_apg=%7B%22_rt%22%3A%22DTFsf%2BdYtBLJ8CmqmTCchuxvWovhqimoriAJqHSIhrA%3D%22%2C%22_s%22%3A%22RhtwetAh%22%2C%22c%22%3A%22MWJ6VTlPSFRzV0RVYXBCcQ%3D%3DwXxk-VGNsAWYpV1PxgcUq75KFpCA6zZ1bRxvk1hUhPoa42ILSamI2bnxwW4nGeBUqOLCP5XqsJUfZnhSqcp0rq6010fJgxpfCig%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AS5Nj2MAAAAAlUIgKgeqXYqAbvNeW%2Fzj%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C77117159524639195783165125946225143497%7CMCAAMLH-1670940588%7C6%7CMCAAMB-1670940588%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C508857381%7CMCOPTOUT-1670342988s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=55a34900-121a-42fe-8199-e85850716779; _cls_s=04813cc4-bce8-4015-9ac0-85970c8ac124:0; _gcl_au=1.1.915232984.1670335789; ADRUM_BTa=R:34|g:130edd73-5950-4a9a-98a3-061a14c332e2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:102; _ga=GA1.2.1779321474.1670335790; _gid=GA1.2.1847571364.1670335790; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiOHZzOEI3bGI0UEViSFdYb3ZXa1UwQT09IiwiZSI6IkRRdnpHNjZMK2paTkl5c1ZZajVpaUcrY09OWUVHbDN2WkdxaW80V1Q5T3prVFJhcG1rVHpmeERhalFEYTdOczJHSE5ibW5xOURCYkROaGZEbTRaaVlTbDFSeGxcLzd4RHYyWGlUeDRCMHZqRnlSM29tTzBxK1dkWllONjJrWkRaKzBhRjk1NHFSTEVRZ3c1ekpmaHEwcnc9PSJ9.4844517e573ec3a0.ZWRiOTZlMTc5NTUwZWE0NWEwZTA1OTM4NTA2ZGU2OTA1MjZmZmFjNDU1NzUyYzZkYjIxZWJiOGY4OGM0N2U0ZA%3D%3D; ndsid=ndsagsca64t8zcqlbcasw4t; _imp_di_pc_=AS5Nj2MAAAAAlUIgKgeqXYqAbvNeW%2Fzj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 14:09:51 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=R%2f2mdsdLOdW7XRymNq9f7cDXSmsfs3+34BoSUvoyKM8yS89gFej+NeITJrIBidAb; Domain=www.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 14:24:51 GMT;Httponly; Secure
_abck=2A4ED67733EC406E112EF09A7D47FDB0~-1~YAAQJmgRYEcZXsaEAQAAHILF5wnzeAGM9daEJq1ztS0yGgbypQkE+4F75EsFeG19xSGkLQTeXgt88rWaymoag/Do1Js9qiinj+URHfKmf6jQL1jOYcng5pqqbw+yBeCK3/VEQpHse50uO3z5SD+PtI6UbD2txVWDnqmoEzSlkiCsZbbYYiiYsM796AHnQlqinCj4hyQOGTrFTb/RR88+BuEbvN+9LRDhrzoq/ZJ1HpSs98v0zq3QfBmBK0W5/uw/mS96b+znFlhb+NHTR2uuT8be9jz94CS/8g1BkAFFl3GBFngsJJqpe/7qzwIt1UeKiig6dhMdPAE5GybIFaEcsLPd9q1dAfM74cm1AEGxJv8ENiRXDe6ua7wZgtd0I3fBiQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Wed, 06 Dec 2023 14:09:51 GMT; Max-Age=31536000; Secure
bm_sz=E36E605277B1A565C5457B959723EDBF~YAAQJmgRYEgZXsaEAQAAHILF5xJ/MJWJ2TFdg2FcTQEI3qgvp6rraXHhLTZHVzg8EJmtQzSd4LOqEQk9OtU0RGpzR84tkT1kWICK2HWcF7CSyrTci7z9OCGDgOE0zjq4ojNjZlKIWv0x67HDIHJw8UXwnflPCovj4ebg9Vd/lZ2SgslSwMXNl4TCrjLseIp5OWkkdexgFQNe/4s07wQkpRgb2y115E2NnwD9ux17LnZbOlomyuYI4obLAvWMHtFk5AkZdwRpZephKNfx4gvAX944TvKpkd2BDLBBWT2ps0JF2Gqkcyxq~3294003~4403267; Domain=.wellsfargo.com; Path=/; Expires=Tue, 06 Dec 2022 18:09:51 GMT; Max-Age=14400
X-Via: 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 638f4d2f_bl21_19789-59699
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1667971496381
8.39.193.5200 OK 26 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1667971496381
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
File type ASCII text, with very long lines (5905)
Hash ab9a5d124c70c5f6aad76fe7dc248173
88f56a0a1ecb70d5a180f384a1618e567b5c51d8
9d4fb62d5be57b8d696f328343dcea3abdb0893a45c3f0c65c1e725171d35a4a
GET /media/launch/site_10006005_default_jssdk.js?codeVersion=1667971496381 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "FgykOpD8Czx"
Last-Modified: Wed, 09 Nov 2022 05:25:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Tue, 06 Dec 2022 14:09:51 GMT
media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1667971496381
8.39.193.5200 OK 138 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1667971496381
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
File type Unicode text, UTF-8 text, with very long lines (327)
Size 138 kB (137495 bytes)
Hash acf6c82982a4064fb23831dd20eb8486
479f72c643446b8415166e8118981a3178deeb09
729d4ab9151caffaaebeb27bb8fb426c2e964a85244c8442b5a6c46ef0d87361
GET /media/launch/all_10006005.json?codeVersion=1667971496381 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "6IhG1ZzHri7"
Last-Modified: Wed, 09 Nov 2022 05:25:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/json
Transfer-Encoding: chunked
Date: Tue, 06 Dec 2022 14:09:52 GMT
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hTx-BIZT_THNG5yNlQDL6LCM5lBs8ezZK8-5FMFiarpRfhmBu6pbTQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:51 GMT
age: 59042
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1667971496381
8.39.193.5200 OK 0 B URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1667971496381
IP 8.39.193.5:0
ASN #54396 NUANCE-MOBILITY
GET /media/launch/tcFramework_jssdk.min.js?codeVersion=1667971496381 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "DNdd9Gt4x/7"
Last-Modified: Wed, 09 Nov 2022 03:48:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Tue, 06 Dec 2022 14:09:53 GMT
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
54.148.145.197200 OK 0 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 54.148.145.197:0
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--9549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 14:09:50 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2