r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b720c31d9c036cd2ef10e35fa29f5345
ac625d2e69284e5080bede4b37c31af62c26338b
323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21397
Expires: Sat, 05 Nov 2022 07:20:28 GMT
Date: Sat, 05 Nov 2022 01:23:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6403
Cache-Control: max-age=122037
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:51 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 11:17:48 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15032
Expires: Sat, 05 Nov 2022 05:34:23 GMT
Date: Sat, 05 Nov 2022 01:23:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nCI+dHlFQki8Mxc2/fb8W141Jak55VUjhVNTcedShSj9V5Rj6Er+8x7B2sr4CRFZKHMBuMdVPKA=
x-amz-request-id: SH0R8G2NAGXATK2H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 01:09:48 GMT
age: 843
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 01:23:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.dcocsp.cn/
79.133.177.225200 OK 471 B IP 79.133.177.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 99852b63638eddf119e39a4764918a83
e41d9421bd4c72d237776649f4fd4f7db3c545ff
def46c1bd56f6c6d31f15d1cd9e096d3367fb98fb28e65e1321b69a9817f47cb
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 05 Nov 2022 01:22:11 GMT
Last-Modified: Fri, 04 Nov 2022 13:24:40 GMT
ETag: "63651298-1d7"
Expires: Sun, 06 Nov 2022 13:24:40 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1667611331
Via: cache21.l2de2[0,0,200-0,H], cache5.l2de2[1,0], cache8.de3[2,2,200-0,M], cache8.de3[3,0]
Age: 100
X-Cache: MISS TCP_REFRESH_MISS dirn:13:763508026
X-Swift-SaveTime: Sat, 05 Nov 2022 01:23:51 GMT
X-Swift-CacheTime: 3500
Timing-Allow-Origin: *
EagleId: 4f85b19c16676114312074745e
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5306
Cache-Control: max-age=115881
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:51 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:35:12 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
163.171.131.129200 OK 21 kB URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1566), with CRLF line terminators
Hash 57de72a0b7c7943ce55be898dd6cdbb9
364c88b4b2492b0141aad282348d54ad45ad748e
411df64d31f1ac2a209c29e1a76f3cd5711c991f6edc537b0757262c795b0eba
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /es/biz/ HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 20658
Connection: keep-alive
Expires: -1
Cache-Control: no-cache, no-store, max-age=0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-ada9b9d6-38ef-4041-b640-37a27c3d9aed' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com;report-uri https://ort.wellsfargo.com/reporting/csp
Content-Language: en-US
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe; Expires=Sat, 05-Nov-2022 01:24:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05-Nov-2022 01:24:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05-Nov-2022 01:24:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:491115; Expires=Sat, 05-Nov-2022 01:24:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=50D14300A81605EE676C99617D1059A9; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=ES; Domain=.wellsfargo.com; Expires=Sun, 05-Nov-2023 01:23:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202211041823511895077459; domain=.wellsfargo.com; path=/; expires=2 Nov 2032 01:23:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; path=/; Httponly; Secure
WesdAksn=A58RY0WEAQAAAFfkSZfDEnABYAWBTAIfTpAxq1qV_KDklrY1TdFJdOOhBV6pAaOrg1-cuDv8wH8AAEB3AAAAAA|1|0|e21b63a172d79f06cb0214db192cb2be4dee355e; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=8978mVTmhRHIw5Zdnk7tWXptqP9WtH%2fedJUCA+QuC%2fg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb27_bl22_20346-28264
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1851d1e0f69c6fd993dbaf79ad9d59c
418d64df65dcdff9c3a8580b6b2132c5fbfa0b2e
c1bb1ca3f081b09c103205ecd850a0f40fc8d9a92d78c1e079e0a10f3771a926
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3198
Cache-Control: max-age=108406
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:51 GMT
Etag: "6364b31f-1d7"
Expires: Sun, 06 Nov 2022 07:30:37 GMT
Last-Modified: Fri, 04 Nov 2022 06:37:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1851d1e0f69c6fd993dbaf79ad9d59c
418d64df65dcdff9c3a8580b6b2132c5fbfa0b2e
c1bb1ca3f081b09c103205ecd850a0f40fc8d9a92d78c1e079e0a10f3771a926
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3198
Cache-Control: max-age=108406
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:51 GMT
Etag: "6364b31f-1d7"
Expires: Sun, 06 Nov 2022 07:30:37 GMT
Last-Modified: Fri, 04 Nov 2022 06:37:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png
104.110.27.78200 OK 2.5 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 01695377e69f7063e1550746495c81f5
609ec8ee8dd28f128f0477b6147817750c9b341e
5c9d48467771247548445209a10047ced732d2da276c072f4c6c5a483405c944
GET /assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-103b"
last-modified: Thu, 14 Jul 2022 02:03:01 GMT
server: Akamai Image Manager
content-length: 2520
content-type: image/webp
cache-control: private, no-transform, max-age=2076075
expires: Tue, 29 Nov 2022 02:05:06 GMT
date: Sat, 05 Nov 2022 01:23:51 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1952), with no line terminators
Hash 5dcc7c101ced74367609685d577093f6
f0d8214335e3c33b634048b992afd536f5bd3e43
10aab16ccfb5374425dc6ee64453a7fe6d7b6dfa47ab65779f42c7db740da1ef
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 05 Nov 2022 01:23:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6IPX3o4qJx011FmA7dOrcg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1851d1e0f69c6fd993dbaf79ad9d59c
418d64df65dcdff9c3a8580b6b2132c5fbfa0b2e
c1bb1ca3f081b09c103205ecd850a0f40fc8d9a92d78c1e079e0a10f3771a926
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3198
Cache-Control: max-age=108406
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:51 GMT
Etag: "6364b31f-1d7"
Expires: Sun, 06 Nov 2022 07:30:37 GMT
Last-Modified: Fri, 04 Nov 2022 06:37:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL HTTP/2 www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c5f6eb132665afa77e8ac7a1a707e951
70d65ab0dcfaace4c1d8bbb772af4fd7c6f66c80
0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac
GET /assets/es/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c392e6-10c2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1710
content-type: image/webp
cache-control: private, no-transform, max-age=1983216
expires: Mon, 28 Nov 2022 00:17:27 GMT
date: Sat, 05 Nov 2022 01:23:51 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1851d1e0f69c6fd993dbaf79ad9d59c
418d64df65dcdff9c3a8580b6b2132c5fbfa0b2e
c1bb1ca3f081b09c103205ecd850a0f40fc8d9a92d78c1e079e0a10f3771a926
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5437
Cache-Control: max-age=110645
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:51 GMT
Etag: "6364b31f-1d7"
Expires: Sun, 06 Nov 2022 08:07:56 GMT
Last-Modified: Fri, 04 Nov 2022 06:37:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/appLauncher-secondaryHomepage.js?v=22.10.00.34
163.171.131.129200 OK 930 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/appLauncher-secondaryHomepage.js?v=22.10.00.34
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
Hash 7cf7598c5d2892ed29e5c6a4157b2233
b88bf19fb65a3c9d873378d68d90def137401f61
cc1882605572f6b680496107c7439e6c0964ff0c52bbb74f00b594119d7e8b05
GET /ui/javascript/publicsite-ui/appLauncher-secondaryHomepage.js?v=22.10.00.34 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:51 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 930
Connection: keep-alive
Expires: Fri, 28 Oct 2022 02:57:08 GMT
Last-Modified: Thu, 22 Sep 2022 21:44:24 GMT
ETag: "632cd738-ed7"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=pWorqr3vLWh0AuH8JJgwHg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
X-Via: 1.1 bl21:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb27_bl22_20346-28278
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png
104.110.27.78200 OK 1.7 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7d5653912e62290c532bc8739c69731e
c48cd970eaa966f211e760a0fb19eda8fc6f4a8d
f7a7b6bbb8e06125faa2e4d2199f44d59c89cf361d3334f1db281d7e827602fe
GET /assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-957"
last-modified: Thu, 14 Jul 2022 02:03:02 GMT
server: Akamai Image Manager
content-length: 1652
content-type: image/webp
cache-control: private, no-transform, max-age=2037746
expires: Mon, 28 Nov 2022 15:26:17 GMT
date: Sat, 05 Nov 2022 01:23:51 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 11 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (31790)
Hash 6d79a0dbc6ea2602aa38bbf53e43124e
8b53e45df3e4aea81cbfaa90081f6795bcfe39fc
d2aa003ecdd6c31e12964104bd23498a60e94fa2d163c6d1ff285db59f61bb6a
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 12 Feb 2022 17:58:28 GMT
Vary: Accept-Encoding
ETag: W/"6207f544-7c61"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 11076
Date: Sat, 05 Nov 2022 01:23:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=R7YiHEM+7kXExrooVDSw1A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
23.36.79.26200 OK 17 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (48287)
Hash a75fd8e10b107df2ef26038f1783ac4e
b27d8fc62fd83f944d638b93140ec05bd050ded4
9baeb568dd185db9aeaefd009c3778e3fe04b59acfa6c04fe96bdf608c8f2299
GET /assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 13 Aug 2022 13:50:11 GMT
Vary: Accept-Encoding
ETag: W/"62f7ac13-bcef"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 16778
Date: Sat, 05 Nov 2022 01:23:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Dq%2fl4IEHIItmuEnlMtw%2fEA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png
104.110.27.78200 OK 1.6 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b6865ccc7a6df08112ed1669824be71c
1a51df486fd125ee8a966115a1373e4b34e49c11
f33f804c40891284e0c3afcd509b199e56f3a2821fcc2f83f60aa66cf60ba305
GET /assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-9d0"
last-modified: Thu, 14 Jul 2022 02:03:02 GMT
server: Akamai Image Manager
content-length: 1648
content-type: image/webp
cache-control: private, no-transform, max-age=2074720
expires: Tue, 29 Nov 2022 01:42:31 GMT
date: Sat, 05 Nov 2022 01:23:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg
104.110.27.78200 OK 35 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x502, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 539b8a50b31186a56fc5f1ab1297ea78
575c94d22bac962bf0417f00c9539f28ad6296f0
bdb5cb84e084b4f210b9d4d961ed3c47d650e48d5010d6eeeba0a06338ca5988
GET /assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c4837f-1857e"
last-modified: Thu, 14 Jul 2022 02:03:06 GMT
server: Akamai Image Manager
x-serial: 322
x-check-cacheable: YES
content-length: 34606
content-type: image/webp
cache-control: private, no-transform, max-age=2076045
expires: Tue, 29 Nov 2022 02:04:36 GMT
date: Sat, 05 Nov 2022 01:23:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png
104.110.27.78200 OK 1.9 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2fd7f8c24576c73072097bf2e6259185
0fbda4c7e3b800aec15fea0539ad703ae61d6046
144529be2df1a6a4bbcbd82b300cd99b256fea8a768d3488f8080f4c0a908260
GET /assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-bde"
last-modified: Thu, 14 Jul 2022 02:03:01 GMT
server: Akamai Image Manager
content-length: 1930
content-type: image/webp
cache-control: private, no-transform, max-age=1912427
expires: Sun, 27 Nov 2022 04:37:38 GMT
date: Sat, 05 Nov 2022 01:23:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg
104.110.27.78200 OK 25 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73d5e0b0076f087b0878d8d90308b115
6af270bc7003c54dcff68b2b283c43799bc85abc
490dbbb001e913bcb03b5b1099174db6ff6ff1fe8396f2ab44e63c29899f1168
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61fc441a-17f0e"
last-modified: Thu, 14 Jul 2022 02:03:05 GMT
server: Akamai Image Manager
content-length: 24624
content-type: image/webp
cache-control: private, no-transform, max-age=2012293
expires: Mon, 28 Nov 2022 08:22:04 GMT
date: Sat, 05 Nov 2022 01:23:51 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.94.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.94.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /4tDz6ntZ+j8Hr0U2XUs/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZkqbPKCN7RlQZWVOIXC+8YHJ33o=
connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?single
23.36.79.24200 OK 4.3 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?single
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (9269)
Hash e2d43a4122bbbd3971533faca0f6ba2b
c26d5b132260fd5c918dd3e2d0060747cea43051
e8f87e8127dad41332328a396c41c093ff4a5635c94eefce8fdaa8cb04d3df85
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Content-Length: 4305
Vary: Accept-Encoding
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
Set-Cookie: WesdAksn=Ax0UY0WEAQAAH71azzxPVOueN06ZP9rt_VaxAQZxm6rqsD4VMnxmfDyEUxrvAVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|6aa9f646c3134ebd31c266bd9afc086fa3579943; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=8QRaDlFlvFStOGXI1jN970zknNl%2fn0xbxtE3QfVKiTI%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/homepage_iaoffer.js
163.171.131.129200 OK 15 kB URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/homepage_iaoffer.js
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (47413), with no line terminators
Hash d1e5fd89edcbb31762770b9aa4db17d3
02b0298e3535a594206c5a83cda3529ac9174739
69733e5a5114195358c00daec29c4350e0120c8268996a2d242384e622a40b9e
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /ui/javascript/publicsite-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:52 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 15025
Connection: keep-alive
Expires: Fri, 04 Nov 2022 22:56:45 GMT
Last-Modified: Thu, 22 Sep 2022 21:44:22 GMT
ETag: "632cd736-b936"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Age: 1
X-Via: 1.1 VMdgflkfFRA2wp48:0 (Cdn Cache Server V2.0), 1.1 bl21:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb28_bl22_19312-61491
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/css/publicsite-ui/ps-global.css
163.171.131.129200 OK 26 kB URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/css/publicsite-ui/ps-global.css
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (65536), with no line terminators
Hash d86643dc5bba13535b36ac77eeb1f317
37d2fdfacd3b2c652b821d104978f9ed1fd73c91
e3acab25a46c79a3df935a9a61adb01663b581361beebfea539bdbf666c2aa4f
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/css/publicsite-ui/ps-global.css HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:52 GMT
Content-Type: text/css
Content-Length: 25761
Connection: keep-alive
Expires: Fri, 04 Nov 2022 22:56:45 GMT
Last-Modified: Thu, 22 Sep 2022 21:44:22 GMT
ETag: "632cd736-31451"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Age: 1
X-Via: 1.1 VMdgflkfFRA2wp48:1 (Cdn Cache Server V2.0), 1.1 bl22:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb28_bl22_19279-56750
static.wellsfargo.com/tracking/hp/utag.js
23.36.79.26200 OK 55 kB URL HTTP/1.1 static.wellsfargo.com/tracking/hp/utag.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15536), with CRLF line terminators
Hash a2ab4b46ad30f60866211f2fe5de68a3
125c39f1a776161eb319a742ae7ce621f4c38933
11f666b297e903717f7f8fb577dca1beb1db6bff324a2a99b4dc0c639f883452
GET /tracking/hp/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:35 GMT
Vary: Accept-Encoding
ETag: W/"632cc04b-32229"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54746
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=KdQYjMtVkBaQek81s5AsVQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
23.36.79.26200 OK 11 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (35814)
Hash 1d081a456e54c7c623d773fa473a4533
14aeab37af44fcabcde3e3419f3d46b0e427524b
b9ad6838ec4946d6494773e8f5c2c1b16bb361e98d435af2137a7bc9fb12f879
GET /assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 11 May 2022 04:38:04 GMT
Vary: Accept-Encoding
ETag: W/"627b3dac-8c18"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 11411
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=gCFv5kSqjY6g4TGfBcnUaw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:0
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:04:58 GMT
etag: "62d9b16a-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=10551356
expires: Tue, 07 Mar 2023 04:19:48 GMT
date: Sat, 05 Nov 2022 01:23:52 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&cb=1667611431437&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&cb=1667611431437&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&cb=1667611431437&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=tPmmAY1ZJDKBuBgQS9t7+VK8G1qToEZRw+9SqVdQ7+0%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb28_bl22_20346-28292
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=4692206
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Sat, 05 Nov 2022 01:23:52 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=4602065
expires: Wed, 28 Dec 2022 07:44:57 GMT
date: Sat, 05 Nov 2022 01:23:52 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=4669000
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Sat, 05 Nov 2022 01:23:52 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:0
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=4601785
expires: Wed, 28 Dec 2022 07:40:17 GMT
date: Sat, 05 Nov 2022 01:23:52 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css
23.36.79.26200 OK 2.7 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 5257c2e188d24ddc00cc92573e5f2cfb
3526eb21d812e9ebfcb3514cc2ff9ad53abe442e
ae7a3a2c2db5a1dc74814e5001e439aeeae648e3b31cdb7474856dc52ea0b223
GET /assets/js/wfui/ndep/css/nuance-c2c-button.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 14 Jul 2021 10:08:23 GMT
Vary: Accept-Encoding
ETag: W/"60eeb797-2bb3"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2671
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=J14jeDM824JzgDpPBFDA3A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js
163.171.131.129200 OK 58 kB URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 4cb279dd0922b59fb63f0959efed9dd1
03a4a08e452105b0843bd3fb1572a80eacf483fb
2a0f7efc91d68ff2a8b87af7bea453f4d0358c0dbb4dcdaaa02961768be12936
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /ui/javascript/publicsite-ui/ps-global.js HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:52 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 57549
Connection: keep-alive
Expires: Fri, 04 Nov 2022 22:56:46 GMT
Last-Modified: Thu, 22 Sep 2022 21:44:22 GMT
ETag: "632cd736-2bfb5"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Age: 1
X-Via: 1.1 VMdgflkfFRA2wp48:6 (Cdn Cache Server V2.0), 1.1 bl22:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb28_bl22_20346-28299
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
23.36.79.26200 OK 505 B URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF, LF line terminators
Hash e2966fedd68930d5281a2ed6ea61c0d3
1ede5572cf49f251c212abdbd6f2df4bb48de1fe
c2ef5abb39d304068b5476114ebc952a97c091ea59348c8ba3adeadc715976ad
GET /assets/js/wfui/ndep/css/nuance-chat.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 17 Nov 2020 14:00:34 GMT
Vary: Accept-Encoding
ETag: W/"5fb3d782-52b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 505
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=SoyOn0IGNDJx7+1stbrgOQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
23.36.79.26200 OK 19 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 55392b773646f8d0ce7447669d57b9df
a2ac835f802e03d4315bf3eee9cb51b1320b15c9
58ebbc236c9018a279c0059043036b148d40b90eb78ad799d4812bbda1058f2b
GET /assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 02:16:44 GMT
Vary: Accept-Encoding
ETag: W/"62f4668c-10199"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 18728
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=iz+podhL9+eAHHyKiZ0Scw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
23.36.79.26200 OK 5.6 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (928), with CRLF line terminators
Hash 00e6f77045d9c92840a490cfcdc9ff6a
22f273b66fe0c5d43cf747fb9868b0904d5ee4b8
4d144f941f05ff42f2a818328b7524c6d3f2b6efc1fe93a09794af14ad262f6c
GET /assets/js/wfui/ndep/js/nuan-c2c.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 05:41:26 GMT
Vary: Accept-Encoding
ETag: W/"62317886-590b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5649
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=XeHrS2P0XycIUyhAuxpquA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js
23.36.79.24200 OK 306 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65356)
Size 306 kB (305866 bytes)
Hash 0a73606e47133a2d2a13f7b5e1750e3c
8faaf759f275f0b66491df1c5077939099282044
cadbb05fc74ea8549b09ebed74da9dddf5499847acbcfaf7775b67a48abfc1ed
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sat, 05 Nov 2022 01:23:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: DCID=7LGmw6CuiqyL5z3Bpie5aav6KedXL60LX0h%2fw5bE8yqEM0yE5DJ7KA45rlWo7tpd; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 1.6 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b9d2c719de3d6701349f1134e129defe
703a51a2f72672f6b34a3dcf8d07c351143f9151
95ae72a8f3b1f5794802b2704b74bef2f29fe1b8da1f06c97a8e7ab2acb5e435
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "6116f9a6-dcf"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1636
content-type: image/webp
cache-control: private, no-transform, max-age=1917416
expires: Sun, 27 Nov 2022 06:00:48 GMT
date: Sat, 05 Nov 2022 01:23:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=38648
expires: Sat, 05 Nov 2022 12:08:00 GMT
date: Sat, 05 Nov 2022 01:23:52 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5790
Expires: Sat, 05 Nov 2022 03:00:22 GMT
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5790
Expires: Sat, 05 Nov 2022 03:00:22 GMT
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5790
Expires: Sat, 05 Nov 2022 03:00:22 GMT
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5790
Expires: Sat, 05 Nov 2022 03:00:22 GMT
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5790
Expires: Sat, 05 Nov 2022 03:00:22 GMT
Date: Sat, 05 Nov 2022 01:23:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7c9c908e891e7277f21a914fea9aa25
596c3c084ae3d850a5dc28e549b4e22f2b8cc71f
709c217b3ac09712d2af4366316c8977b1a4e2a73f887b3e30f10df1ed50bacd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 7c179507-20a7-4fa3-993b-f79b3e7949ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiGHD_IAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0d-337623ce79dc53c864632c72;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM3hc6Jfl5pDWPikIlcQOexIScQavqJh9h-N-EvIGNpicWJwHMPKIA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 19:29:40 GMT
age: 21252
etag: "596c3c084ae3d850a5dc28e549b4e22f2b8cc71f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9d0595-2606-4462-8dd8-11c0a267de65.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9d0595-2606-4462-8dd8-11c0a267de65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df11af332512d94d34a88a4671b2fbe1
0db58fda3dec787d0d979f8398d90b2b8d7e2c2f
7c561aed53b57db2039031c79453fc3f7cead944c60dd087487a9998c2df5a30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9d0595-2606-4462-8dd8-11c0a267de65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4413
x-amzn-requestid: b6f0aa99-437e-4e3d-b300-0a0ab1563c42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHm_HhVIAMFdUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365862c-3eacf2f4114f5ae22a140480;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tfZ_BvuASWOZmTXu843gBNpGSe4T0CUCaymoVUMzYFWaILLZX-vPmg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:07:33 GMT
age: 11779
etag: "0db58fda3dec787d0d979f8398d90b2b8d7e2c2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 80f2a46c-6682-4160-b896-eeaa366dbab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKNF4SoAMFn5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5a5517d005ec7a7d1507b58e;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gdqoswTMqjrfyzzY-103agxLH8ak-rFsCId29eoLOF6WHgFmd04K7g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 08:24:41 GMT
age: 61151
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8386dbb6-48d7-404a-acfd-e0366f041a8b.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8386dbb6-48d7-404a-acfd-e0366f041a8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a3428f7926e724686ddf40cdfdaf830
e56f1acd5646afde18b366e30f8dfbd7f9a6a15b
a413cee3cdae66712505157afaad44b2e08762bce67d05398dfcaa721035eafa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8386dbb6-48d7-404a-acfd-e0366f041a8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8933
x-amzn-requestid: 5a2debdf-46aa-4205-a78a-5bebd347bc1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDg5GSaoAMFgJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7f9f-630c25e060bb22dc55fbd097;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:07:11 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ztXeOZSwnwsYYPPOmCkIr_WTTKl3UbPi9kQDOCwrumndDzrrhJS5cQ==
via: 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:22:51 GMT
age: 10861
etag: "e56f1acd5646afde18b366e30f8dfbd7f9a6a15b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 683264508686ad18ae519baac54d3b05
1897c9fcad301764736ab867491beb18526af153
e8beb5d336ca424e36725ab87b98b4dedcf32a5b01c43b9c06363a7be25522fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5754
x-amzn-requestid: df2c5b88-0444-44b1-81ef-04e565d25b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bAS--GiUoAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636331f9-0ec90f4d5f0c6fcf2d6e4a8b;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 03:14:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7CdkFTu--etXnoftDB8IYx3G6NIDBbKNiomZXVQQpr8et2Qh9yUGoQ==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 03:37:09 GMT
age: 78403
etag: "1897c9fcad301764736ab867491beb18526af153"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea73a1e6-5232-416f-82c9-13016ff006e8.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea73a1e6-5232-416f-82c9-13016ff006e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62c2729bd495d86a4eac5a04ae21408e
84a91429d90d3ef5a31d918cc9477f92ed716531
01eb74a1913886d7f122f7612cbcafcc75b49efd7a4c6248c36a5cd9cafb4518
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea73a1e6-5232-416f-82c9-13016ff006e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9290
x-amzn-requestid: 36b442e5-25d9-4ce8-b102-a2fb5037d640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDqm3Gv-IAMFbug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63648af8-0d41999b3dcbac4a1032f56c;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:46:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4y0OhkF328ODb-dDWH1fw6sFZ21CR_eqprYs4WSR5Q-fROKgC_r7GA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 13:13:47 GMT
age: 43805
etag: "84a91429d90d3ef5a31d918cc9477f92ed716531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/target/offers/conversations
163.171.131.129200 OK 939 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/target/offers/conversations
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2516), with no line terminators
Hash 213651e68c8d52c669b7a30d29b8b0cf
3018dc324453eeea597fef011748952c79c5141c
fa9f6d5d71953d26786ced2ce229b2809364a0f46fd8e50a0cd3bad2c78e424a
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
POST /as/target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 103
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:53 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 939
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-2eceda6b-95f7-4994-8654-0f8cd0cdd900' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:724d7cad-80d9-465b-9522-64b254fc2cfe|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:491115; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc; Expires=Sat, 05-Nov-2022 01:24:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05-Nov-2022 01:24:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05-Nov-2022 01:24:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Sat, 05-Nov-2022 01:24:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:60; Expires=Sat, 05-Nov-2022 01:24:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=8AAF09C12E4BDAC6455D17FFB2A2A0DC; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 05-Nov-2023 01:23:52 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202211041823521907076862; domain=.wellsfargo.com; path=/; expires=2 Nov 2032 01:23:52 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=iRPYh5MP+Vx0OCM57lPu9eaYhYoqAOMZ9JTNg%2fs4HCc%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl22:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb28_bl22_19279-56753
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/credit_1700x700.jpg
104.110.27.78200 OK 21 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/credit_1700x700.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 88268efbf4efb0c2770520ac85649b7f
c56ae061d7c0e1e0c5c265e46a5a64a4c96f82d9
46a9cb09ecd93735beb4f66e131776139e7cf6eb8837af3f53e392d344d652e4
GET /assets/images/contextual/responsive/hpprimary/credit_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "63331202-1448b"
last-modified: Tue, 11 Oct 2022 21:11:03 GMT
server: Akamai Image Manager
content-length: 20866
content-type: image/webp
cache-control: private, no-transform, max-age=503196
expires: Thu, 10 Nov 2022 21:10:29 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_magnifying-glass_color-gradient_64x64.png
104.110.27.78200 OK 1.5 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_magnifying-glass_color-gradient_64x64.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5f7ebe6f9d9c334607b34d59399187ba
08b6be81b1a1cb76b67779e53b34dc0363ce3900
6da80e2cf89f588623941b579e21ed68904e8efa5ae89b04a215db5d7658bf1a
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_magnifying-glass_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62587d96-e89"
last-modified: Thu, 14 Jul 2022 02:03:03 GMT
server: Akamai Image Manager
x-serial: 1190
x-check-cacheable: YES
content-length: 1466
content-type: image/webp
cache-control: private, no-transform, max-age=2075212
expires: Tue, 29 Nov 2022 01:50:45 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 2.3 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cd43a2d200f1b8eec84495408eb299f0
2eb173b0af9b49b634e0645a96931f5fdf6e3ab3
659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-9f2c"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 858
x-check-cacheable: YES
content-length: 2330
content-type: image/webp
cache-control: private, no-transform, max-age=2036859
expires: Mon, 28 Nov 2022 15:11:32 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 2.3 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2f9e97870725142046712437d067b97f
bf8db685193835edea05ac95e5671b24e0f49467
50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-cf3e"
last-modified: Thu, 14 Jul 2022 02:02:39 GMT
server: Akamai Image Manager
content-length: 2340
content-type: image/webp
cache-control: private, no-transform, max-age=1887759
expires: Sat, 26 Nov 2022 21:46:32 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 2.1 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bf02d082705f06162b2e73f68602e79e
219dbb45081fa5d8663bad2f96e9066e7f17aa6e
10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-7b35"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
x-serial: 416
x-check-cacheable: YES
content-length: 2092
content-type: image/webp
cache-control: private, no-transform, max-age=2068291
expires: Mon, 28 Nov 2022 23:55:24 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-4-bg-gradient.png
104.110.27.78200 OK 2.6 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-4-bg-gradient.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1626a2f9535a10e8d076cab3de0df78f
4c2c4d82a3d4b49457a8a17a345c07c9617202fd
3fbf3b0d590832220370ac5dd608fa737315363f163967c6671d228bd3161084
GET /assets/images/homepage/position-4-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61619278-ea13"
last-modified: Thu, 14 Jul 2022 02:02:46 GMT
server: Akamai Image Manager
x-serial: 1250
x-check-cacheable: YES
content-length: 2594
content-type: image/webp
cache-control: private, no-transform, max-age=2076082
expires: Tue, 29 Nov 2022 02:05:15 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIA6TUWEAQAA0o95Z3ADI58VkrgTCWWk4ZhYv7F8pnWhKo7nh_aK1vf58wid&X-G2Q3kxs3--z=q
23.36.79.24200 OK 148 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIA6TUWEAQAA0o95Z3ADI58VkrgTCWWk4ZhYv7F8pnWhKo7nh_aK1vf58wid&X-G2Q3kxs3--z=q
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 148 kB (148181 bytes)
Hash 388b0c9d37abaa94033da727cdfa5720
d972390ae2f4853597569e7703dacfdc291e8722
2edd3708356716aec27f2eac44598f7e84f7f0505e877f62edad9520d6c5f859
GET /auth/login/static/js/general_alt.js?async&seed=AIA6TUWEAQAA0o95Z3ADI58VkrgTCWWk4ZhYv7F8pnWhKo7nh_aK1vf58wid&X-G2Q3kxs3--z=q HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sat, 05 Nov 2022 01:23:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: WesdAksn=A2MVY0WEAQAAcipcbGrdVVUwI6sIraN1ReNZYE07og0yHmDeTA0tMhxKLX8nAVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|6c6339c8d12bff6b32885b6d21ac706a52bb702f; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=SMQT7j3GdBfx%2fU0LtMU7SdQXWghonGsgj84axQfwMhCkpB8opwanJR6FcwSwDyuX; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png
104.110.27.78200 OK 1.4 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0880265bd118920fd1ca18eabb29c528
49602ee1485b1f4055635d42c568546e13aa8c90
37dd0a3404af3c62777281c147d144378dd6809620e531e58a17423abc057c38
GET /assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "6335f9d5-1a8f"
last-modified: Mon, 03 Oct 2022 02:02:07 GMT
server: Akamai Image Manager
x-serial: 1888
x-check-cacheable: YES
content-length: 1436
content-type: image/webp
cache-control: private, no-transform, max-age=2075791
expires: Tue, 29 Nov 2022 02:00:24 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png
104.110.27.78200 OK 1.4 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cc3d77556283919af04e0641e3e37250
1e96a649e7cb434597082cc204b050127e36e8f8
21c8d2fc781f13fb45ae4208b353c983d49d41c3505e94e29b5c1d5c31e19c68
GET /assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61c275a2-1bfd"
last-modified: Thu, 14 Jul 2022 02:03:02 GMT
server: Akamai Image Manager
content-length: 1350
content-type: image/webp
cache-control: private, no-transform, max-age=1700110
expires: Thu, 24 Nov 2022 17:39:03 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg
104.110.27.78200 OK 33 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65a51929096fa18d4bb06f2a29891a75
d34df0eb676d584af89dfc2b6e022b4910b90cc0
d67a289220cf94e6d81eefe14a1a911aeeff5010229d78c409fe55761f2d8108
GET /assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189aa-d24b"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 33186
content-type: image/webp
cache-control: private, no-transform, max-age=2075987
expires: Tue, 29 Nov 2022 02:03:40 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg
104.110.27.78200 OK 55 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a974c3d7e7eec33c0b3a6a51bc5dda5b
e3c5e2e739d51f334183573016c9e00de421bed5
ca43102cb524defb85fcf58b1236f271a8c02303e3e4e1df6351273867576cce
GET /assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189aa-11d15"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 54586
content-type: image/webp
cache-control: private, no-transform, max-age=2066093
expires: Mon, 28 Nov 2022 23:18:46 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg
104.110.27.78200 OK 26 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e004488f9fb67721f39390f524ad5c78
24a7cf417462d429cc72dc5ea55873c4cdeef796
1b422aeb872e1f5c9a0c4ea9db41f1022d6c38a83d7e5e806d1ca6741ab3be6a
GET /assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a9-b2b6"
last-modified: Thu, 14 Jul 2022 02:02:38 GMT
server: Akamai Image Manager
content-length: 25792
content-type: image/webp
cache-control: private, no-transform, max-age=2076067
expires: Tue, 29 Nov 2022 02:05:00 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Navtive_App_Phone_Personal.png
104.110.27.78200 OK 15 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Navtive_App_Phone_Personal.png
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42f3bed043f7a3b4c585c74b98e35499
16d8482ca3e416cb9203f15bd0c0faa82e622327
ecfea4fcc40f95576acdf90df879a5bed9a1c481a69c127d940c616e5332cc98
GET /assets/images/rwd/Navtive_App_Phone_Personal.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "61a934dd-41c5b"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 15388
content-type: image/webp
cache-control: private, no-transform, max-age=2075951
expires: Tue, 29 Nov 2022 02:03:04 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg
104.110.27.78200 OK 26 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce943ec0868d0b5769548025730ebb06
31d26f01d9a1e62d683b1165bec3d6e5b5310093
be1ec3a15be24dbd2904218e9def59d04b54bdca02738ee718a55823572f179a
GET /assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a8-c00f"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 25762
content-type: image/webp
cache-control: private, no-transform, max-age=2075091
expires: Tue, 29 Nov 2022 01:48:44 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg
104.110.27.78200 OK 33 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg
IP 104.110.27.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 616x353, components 3\012- data
Hash 816d65c2758ff533fa6e21801daeb1e6
08e4d8044b39ddbef43651cb29b371c450e651c1
72137441f0a479553ec1c095ac9f20ae25a6a1a631f910415ea2e18eb367f2bd
GET /assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189aa-a3e7"
last-modified: Thu, 14 Jul 2022 02:02:38 GMT
server: Akamai Image Manager
x-serial: 510
x-check-cacheable: YES
content-length: 32871
content-type: image/jpeg
cache-control: private, no-transform, max-age=1840321
expires: Sat, 26 Nov 2022 08:35:54 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg
104.110.27.78200 OK 25 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11d5c849b66051138628a9cbe63132fd
7b30e03cf2ba108867c248ecdc8207bd6a4bb80c
ba5375591bbba655a050fea8fb3c9dfa7561d09a102c7b4a987999cc7b4ddb0d
GET /assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a9-d12c"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 25094
content-type: image/webp
cache-control: private, no-transform, max-age=1990457
expires: Mon, 28 Nov 2022 02:18:10 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg
104.110.27.78200 OK 34 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg
IP 104.110.27.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 58ede609c8abd3ba38aa9d0e8de3298e
b2236e0ac30a78ef74c1db03a331f2cdc78dbf34
8e7880330ef42f2dd950fea1001a6124574a5a03afc384b88a2b744b9875fbb5
GET /assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "62a189a8-e4dd"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 33632
content-type: image/webp
cache-control: private, no-transform, max-age=1914661
expires: Sun, 27 Nov 2022 05:14:54 GMT
date: Sat, 05 Nov 2022 01:23:53 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Sat, 05 Nov 2022 01:23:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=I5JGmmiCIi2DD6uW4kTKVA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/gb/detector-dom.min.js
23.36.79.26200 OK 132 kB URL HTTP/1.1 static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65434)
Size 132 kB (131829 bytes)
Hash 73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Sat, 05 Nov 2022 01:23:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=i2Ai81dUsp2gMfRxHr5Nqw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f58d7ceaac3c3f56db87f135994f9f4
1f94d217a66c4837781845c74656a39b31f307e0
6698a35a74df2439614198aec95269d99fc5f2ad51c7d3e7de0b7e10617586c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5539
Cache-Control: max-age=105322
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:53 GMT
Etag: "63649df0-1d7"
Expires: Sun, 06 Nov 2022 06:39:15 GMT
Last-Modified: Fri, 04 Nov 2022 05:06:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1667611432481
54.171.150.101200 OK 319 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1667611432481
IP 54.171.150.101:0
File type JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Hash 083f5019f9a4816038b9b1b5e9f1e9d0
1dcf29c1764459d0864f4e453223e895cd2e9b60
ab80b2b6484c294ef5632351615ab8fc0bb44cee04754529407b5b03f444ed01
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1667611432481 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-05c906a58.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=23268626813225734293198745680072047268; Max-Age=15552000; Expires=Thu, 04 May 2023 01:23:53 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: tLRrbb7aRGI=
Content-Length: 319
Connection: keep-alive
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 05 Nov 2022 01:23:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=1lODxo8iTldPy8C0C6+DCg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
23.36.79.24200 OK 175 B URL HTTP/1.1 connect.secure.wellsfargo.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 1e66e519dcb8df770ea9605e8d9361a3
06d3e56094a20e33de5335654a4843d070c5e4e5
037be2df60452b62ee5b30e84828054ec07aa4d42bee189e4fd7db9e0e3e332e
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------17376851217292921173908118946
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Content-Length: 169
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 175
Access-Control-Allow-Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Vary: Origin, Accept-Encoding
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Date: Sat, 05 Nov 2022 01:23:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=NK55%2f52oEq10jfHHs7Qpzg3tS91HhAs4I7OklR049Y0%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=T2lRbPw4%2fJCkLrqw5xFrsw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=QyPdIdbhIHTQ2yp6VyRqJw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.26200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45086
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=jElipeFRuMnNFrLTMMRY%2fg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 1790179afa8a458763a406eeac38c0c3
c6fb052531d683e0128b7e4fe9a0de1fbc1eddf0
93325754a32452dddfe8fc1aa7d9f04f27689763c51d5cbb94f2753b54e1390c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 13:42:59 GMT
Expires: Wed, 09 Nov 2022 13:42:58 GMT
Etag: "c6fb052531d683e0128b7e4fe9a0de1fbc1eddf0"
Cache-Control: max-age=389343,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7651c965ab3eb4f1-OSL
wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1667611432487
3.248.125.227200 OK 320 B URL HTTP/1.1 wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1667611432487
IP 3.248.125.227:0
File type JSON data\012- , ASCII text, with very long lines (596), with no line terminators
Hash 3944146317b2619db1dc6f223a545c36
25e5959b579b7ce708d5257cb0591515312aec4f
5352ea3292ebfce3695eb00df13e9b7365cf73de4770bf0db10ecf549e5f9712
POST /event?d_dil_ver=9.5&_ts=1667611432487 HTTP/1.1
Host: wellsfargobankna.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 377
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-008327e36.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=23268626813225734293198745680072047268; Max-Age=15552000; Expires=Thu, 04 May 2023 01:23:54 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: UZ8O8+laQgQ=
Content-Length: 320
Connection: keep-alive
api.rlcdn.com/api/identity/idl?pid=1317
34.120.133.55451 Unavailable For Legal Reasons 0 B URL HTTP/2 api.rlcdn.com/api/identity/idl?pid=1317
IP 34.120.133.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/identity/idl?pid=1317 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Sat, 05 Nov 2022 01:23:54 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.24200 OK 152 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 152 kB (151805 bytes)
Hash 532888a5697abe4e8fb4c4a33c442102
50cdbfc8da408d5bb2e271997320d1433ccb21a2
be2a5113879cde75798933cccb4969f87e14367c79ad6bc6a79072f7282cbafc
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"63589271-172f"
Last-Modified: Wed, 26 Oct 2022 01:50:41 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Length: 151805
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=Aw0bY0WEAQAAFJvkwZaMTYNsjDg3HWPpicVLCGFZmZ6ZT3FN4HlCx1tzbs1KAVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|b4efe750e8d9284c6ba1b913a2c77b37bbc90975; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=yvrIrzlscDAd2+SC7ufLbQrmzGv5bsf+bjMJpx3PMRa4LQyotYxFuqrE+dIFT1t0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (599)
Hash 18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=elfqNGW01exVBbAtEfyiLQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=23260088063362468863200146012438003895&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202211041823511895077459%011&ts=1667611432662
54.171.150.101200 OK 320 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=23260088063362468863200146012438003895&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202211041823511895077459%011&ts=1667611432662
IP 54.171.150.101:0
File type JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Hash dbb08ff4c12404779bda0502976c7c66
71f6f1540ed3eafe66655faedc58e68d8ceb3e00
2842b2f10d68626af6050c451530c91242e6d8fe065f860beb850bd9d2cff280
GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=23260088063362468863200146012438003895&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202211041823511895077459%011&ts=1667611432662 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-037643fd0.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=28861263270885634663845714045827861621; Max-Age=15552000; Expires=Thu, 04 May 2023 01:23:53 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: c/KIWCrfR14=
Content-Length: 320
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c9cf8f82f2242b996164e2d37dc1a2f
5588c3d8fb27900440d1c931084bd7f2e29b485d
7ed287366551e2f294692e68ca6cd67dedc795b51566585a198d61909ac3a849
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5348
Cache-Control: max-age=151225
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Etag: "636551ff-1d7"
Expires: Sun, 06 Nov 2022 19:24:19 GMT
Last-Modified: Fri, 04 Nov 2022 17:55:11 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 471
static.wellsfargo.com/tracking/ga/ga.js
23.36.79.26200 OK 20 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (49163)
Hash d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b
GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=cX09E2hElAkrPrLj4vS6mg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc%3A0&_cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06&pv=2&f_cls_s=true
23.36.79.18200 OK 76 B URL HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc%3A0&_cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06&pv=2&f_cls_s=true
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash c026320ecf5d17bf812dcce97b32fe5c
e7d4215eee260f2a159f440f47cf25263fae1439
ebbd3469383edb08bafcf0a41c79263e54d669efae877c19749006b8236727a2
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc%3A0&_cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Set-Cookie: _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; Secure; SameSite=None;HttpOnly;Secure
_cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!3LgkuGkqy/768S7jbMKMZ0gdoDa2eWlMejTHOunyE65mA7P0uN8kvnKH5adKpsnCmNVFyZGb67k/qu0=; path=/; Httponly; Secure
DCID=YkkzWZCpMFd8E0ZiFesBOVdAN5q+oLoDhG7yIKZkwIk%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432801&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432801&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432801&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=iA828ljObsG1RLP6yZ091uOrotU32OuyZ6AOMOtgkZtMRnYEnkRkppOcnSo+VeJv; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19279-56879
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c529f3f6856ef48de1a036dff13e0012
e6aa76377376e8144bb8c7574820c1cb262660c3
5824899ab2efa0129ca31c289db9e4711d44bad6a05251d630bab656092e000c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432820&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-226516-16%7Etcm%3A91-223647-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432820&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-226516-16%7Etcm%3A91-223647-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432820&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-226516-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=xTrDXXhlPDpTZfWptB0j9Pbq0f6Zw6Efjb0ctwVTImQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19279-56888
2549153.fls.doubleclick.net/activityi;src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F?
142.250.74.70200 OK 317 B URL HTTP/2 2549153.fls.doubleclick.net/activityi;src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (556), with no line terminators
Hash ecbe7bab13022f39972d129b4742912c
1de2d08aef32357da9e1a25ecb5b866d9c24a616
2895556ade9a17216df9c4d96e20a4d01ae5a36290fda667986bf7065c771b04
GET /activityi;src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F? HTTP/1.1
Host: 2549153.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:23:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 317
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Nov-2022 01:38:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
23.36.79.26200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (35846)
Hash 42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ewdWVpqwNrcbSzlKH9NSdA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c529f3f6856ef48de1a036dff13e0012
e6aa76377376e8144bb8c7574820c1cb262660c3
5824899ab2efa0129ca31c289db9e4711d44bad6a05251d630bab656092e000c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
67.208.167.225200 OK 266 B URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
IP 67.208.167.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a671bc4e541aadc71fd7812d93af15e7
3b8c76ac113e54f3d413e09807f3661c72d0f6b5
ef16255038c7c5847295c3c434243418d898b7b40a9095aeeb65e3ddb7579383
GET /tagserver/nuanceChat.html?UUID=WF_10006005 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+6ZNxP/6RTk"
Last-Modified: Wed, 26 Oct 2022 03:56:48 GMT
Accept-Ranges: bytes
Content-Type: text/html; charset=utf-8
Content-Length: 266
Date: Sat, 05 Nov 2022 01:23:54 GMT
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432827&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432827&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432827&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=PWxX6JWNBnnXbuwuPMnZM7N4RhtzOHC0cAABDhQ4VmK5MHbrGw0S3jRzRaXz7aF8; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19279-56896
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 1790179afa8a458763a406eeac38c0c3
c6fb052531d683e0128b7e4fe9a0de1fbc1eddf0
93325754a32452dddfe8fc1aa7d9f04f27689763c51d5cbb94f2753b54e1390c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 13:42:59 GMT
Expires: Wed, 09 Nov 2022 13:42:58 GMT
Etag: "c6fb052531d683e0128b7e4fe9a0de1fbc1eddf0"
Cache-Control: max-age=389343,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7651c9679c18b4f1-OSL
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432824&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432824&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432824&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=7Hvpa9ZoFuMuTsQ6u3Y5ITXBTb7GPbbQ+ByQRsS7Sb4%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19312-61594
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.131.129200 OK 977 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with very long lines (2453), with no line terminators
Hash 683be58c32e277e5c8467f31a8737005
68400817f512ad06414f5afcab30579fc76c0622
0da163bc4a0d6da89e58c8f56a2ae18db021b68e4679878fa09f778b1a3d953f
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Content-Type: application/json
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Content-Length: 278
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 977
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-f5220294-b70c-4c3c-bc0b-a07ee081419d' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:60; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:4ae3cb84-a958-4393-b9a8-e2e467da6fb7; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:4ae3cb84-a958-4393-b9a8-e2e467da6fb7|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:60; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=6FF549F2181AE0C4D3A8F7233E3C6444; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 05-Nov-2023 01:23:54 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202211041823541710165995; domain=.wellsfargo.com; path=/; expires=2 Nov 2032 01:23:54 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=NfnHKvG9NkG6R5P+Qg7DPFyhCBVrEpgWhNA3zRVje7E%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19378-19559
static.wellsfargo.com/tracking/ga/ec.js
23.36.79.26200 OK 1.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ec.js
IP 23.36.79.26:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2771)
Hash 8a1d22ba0de1104dcdc02a582b407ed2
e4d90fd13a73c7379c46b197ded523a5d33c69b9
4a44a1a7efd65360f31e0b1842ad06b7fedc7c0373c69c0077c696cd49cc35de
GET /tracking/ga/ec.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=1bS9IE+%2fi4oB57U2miU9Ew%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=41833222&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1205856925&gjid=1380150129&cid=1487898131.1667611433&tid=UA-107148943-1&_gid=1607614707.1667611433&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202211041823511895077459&cd12=BROWSER&cd22=hp&cd23=4.48.0>m=2ou8g0&cd35=1487898131.1667611433&z=276899277
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=41833222&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1205856925&gjid=1380150129&cid=1487898131.1667611433&tid=UA-107148943-1&_gid=1607614707.1667611433&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202211041823511895077459&cd12=BROWSER&cd22=hp&cd23=4.48.0>m=2ou8g0&cd35=1487898131.1667611433&z=276899277
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j92&aip=1&a=41833222&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1205856925&gjid=1380150129&cid=1487898131.1667611433&tid=UA-107148943-1&_gid=1607614707.1667611433&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202211041823511895077459&cd12=BROWSER&cd22=hp&cd23=4.48.0>m=2ou8g0&cd35=1487898131.1667611433&z=276899277 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
date: Sat, 05 Nov 2022 01:23:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/jsLog
163.171.131.129200 OK 0 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 173
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:1$_ss:1$_st:1667613231152$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=182607520; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1668216232%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-0f3bdf3f-0220-49b5-9760-ed70fa48a914' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:60; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:300f0fb0-d1f8-4787-8902-55584602d4a1; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:300f0fb0-d1f8-4787-8902-55584602d4a1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=FA11610C4773BB326A25EB0249E7493F; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 05-Nov-2023 01:23:54 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120221104182354343976477; domain=.wellsfargo.com; path=/; expires=2 Nov 2032 01:23:54 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:34|i:206915; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206915|e:14; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206915|e:14|d:0; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
DCID=vwJY0Vn+BY0ToUoHRcv5O7OJggWRNnpCBbMunqFsuWL3wG+weXBa6hP0NUPV5Kwo; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl22:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb29_bl22_20346-28382
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.131.129200 OK 976 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type JSON data\012- , ASCII text, with very long lines (2443), with no line terminators
Hash 07b772a92d84a000368d333e610ea898
928d1f93e11b4a305dbe74ea44d5830ef4e6d7c3
95d5f1937d1af9ff41196f0500ceaecbc166cab3c3575d26e6f39fbe8f4cadb0
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Content-Type: application/json
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Content-Length: 268
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 976
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-3a16e6be-d006-45f3-8d0c-5429977bc154' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:60; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:bdd54c6a-d640-46bd-85db-f20cdc50f67e; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:bdd54c6a-d640-46bd-85db-f20cdc50f67e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:60; Expires=Sat, 05-Nov-2022 01:24:24 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=E088F9B0412CB19586609D7B6763A542; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 05-Nov-2023 01:23:54 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202211041823541247394861; domain=.wellsfargo.com; path=/; expires=2 Nov 2032 01:23:54 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=0CSyMjlwjl+xYDMKvIcnDD0VfZYqRKumFmdnbrwiAkZhwkJSCL4YtTKxbmvBjltz; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19312-61582
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432837&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432837&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432837&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=zsuxvoeXXF0QwbcSJZ%2fyUi43mL%2fRngCuw3OmQ2gKJA2tNybCK1g9BIt5fGl1YR7m; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19312-61616
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.24200 OK 607 B URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 26 Oct 2022 01:50:40 GMT
Vary: Accept-Encoding
ETag: W/"63589270-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=G4FzSJHSCxl7Vhc80%2fwFJ7cNmNiHNYdEeMxjOwjd3TFBgYzmuFvEbbgN0lKOyM80; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432841&offerType=iaRendered&slotId=WF_BIZ_HP_SML_PRIMARY&offerId=B_olb_digitalresourcecenterrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432841&offerType=iaRendered&slotId=WF_BIZ_HP_SML_PRIMARY&offerId=B_olb_digitalresourcecenterrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432841&offerType=iaRendered&slotId=WF_BIZ_HP_SML_PRIMARY&offerId=B_olb_digitalresourcecenterrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242063-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=R8NVXX0ZbGEHJgdEDGUqAfIUFfUp3LQHshd5HsgFb6nNCBumBG4H174pxWcTP7JR; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19378-19575
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
67.208.167.225200 OK 5.9 kB URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
IP 67.208.167.225:0
Hash 0ceb2e3aaf3130b64517eee5e5583179
49fb8fbb16b1585e19a8911f59cd7ea234c5b607
9d486489da6c1ff7c439641bc384a2e0c9e4da32c2ab73f71d1fffc4bacefc5b
GET /tagserver/frame-bridge.js HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+YmUhczVC0A"
Last-Modified: Wed, 26 Oct 2022 03:56:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 5926
Date: Sat, 05 Nov 2022 01:23:54 GMT
adservice.google.com/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
216.58.207.194200 OK 317 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (555), with no line terminators
Hash 78ef67f82fb24300c204dbb0860c8511
3d801bfc15fb99b03364fc9cab286386fc7b90bd
5d821f3a20ae0d78257f26e35add47e31d73235800ab9454af07a5005afaba14
GET /ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2549153.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:23:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432831&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-253922-16%7Etcm%3A91-223657-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432831&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-253922-16%7Etcm%3A91-223657-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432831&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-253922-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=NUD79s9yoxQPVa3ovVSSdqdt9J%2fiPYtQ+pBbiobS38I%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19279-56900
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1487898131.1667611433&jid=1205856925&gjid=1380150129&_gid=1607614707.1667611433&_u=4GBACUAKBAAAAC~&z=1500404116
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1487898131.1667611433&jid=1205856925&gjid=1380150129&_gid=1607614707.1667611433&_u=4GBACUAKBAAAAC~&z=1500404116
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1487898131.1667611433&jid=1205856925&gjid=1380150129&_gid=1607614707.1667611433&_u=4GBACUAKBAAAAC~&z=1500404116 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 05 Nov 2022 01:23:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432834&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbdigitalrsvp_bishpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-253922-16%7Etcm%3A91-223657-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432834&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbdigitalrsvp_bishpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-253922-16%7Etcm%3A91-223657-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432834&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbdigitalrsvp_bishpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-253922-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ClbbzTJAb9niDiSbEu4oAixnQPzLh2oirZmlXdZOJwI%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19279-56908
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432853&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432853&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432853&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=G8fgUF4uLBmlU%2fujVY+yilMuHi1MpPqM%2fufRGFl6KTS8XcjcxlwlJXhK4hnqxkAU; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19378-19585
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9b08c38f0415438f5f92380ecb902bb
521f94256b2e677cebf32404641ea8b23c18b2a4
696a8fc71eb173d6434e990a93fca753df22378de0e3014f529db7654d27cf77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=5314570220524;gtm=2od8g0;auiddc=613543707.1667611433;u1=11202211041823511895077459;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:23:54 GMT
expires: Sat, 05 Nov 2022 01:23:54 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
67.208.167.225200 OK 2.0 kB URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
IP 67.208.167.225:0
File type ASCII text, with very long lines (1064)
Hash bbb94fdc081be8e45199ccf472aef4c3
28220544fa88403c62a7baf9cdff9df31b4cad83
3f3e9f8894e889fb1c774f2293366b207f8148b86556fad38dfbb406521b7a0a
GET /chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: no-cache
ETag: "8uUMWH3OOev"
Last-Modified: Wed, 26 Oct 2022 04:11:45 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 1990
Date: Sat, 05 Nov 2022 01:23:54 GMT
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432847&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432847&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432847&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=eRPSm%2fyzThl6EBS95lVrLcC0m8b9ddPE2zs%2fdC2RC+0%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19312-61625
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.36817245088213857
23.36.79.24200 OK 37 kB URL HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.36817245088213857
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash fe5a123fc71a27ff189b6878d5e8d343
f43315a467edf902f936cd603a31c06e3122316b
fdb33b67df39f9531f886d363281a1c762bcbf7719690d1059b5cdfa6c4c0a73
GET /PIDO/pic.js?r=0.36817245088213857 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37320
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 05 Nov 2022 01:23:54 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=FKQoOH6rsNA+pBxjyyvxeZNYqqQeccya1Jb%2f4Q2o9BQ%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432855&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432855&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432855&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:54 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ozHwLhZFnGqNu1Y9HaGyQ9NsZAE5DJJ%2fdCMilG7Kmrc%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19279-56941
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9b08c38f0415438f5f92380ecb902bb
521f94256b2e677cebf32404641ea8b23c18b2a4
696a8fc71eb173d6434e990a93fca753df22378de0e3014f529db7654d27cf77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c58a8517bc05ee5a578793276df9fcc
3cd96c586eb0e358cc89b8057d59059da715bee0
1f4fb276ff15f9b8fa27db7f83a8fff2332cad6f50a13f51bb0ef69fb869e613
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5499
Cache-Control: max-age=142379
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:55 GMT
Etag: "63652edb-1d7"
Expires: Sun, 06 Nov 2022 16:56:54 GMT
Last-Modified: Fri, 04 Nov 2022 15:25:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c58a8517bc05ee5a578793276df9fcc
3cd96c586eb0e358cc89b8057d59059da715bee0
1f4fb276ff15f9b8fa27db7f83a8fff2332cad6f50a13f51bb0ef69fb869e613
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2630
Cache-Control: max-age=139510
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:55 GMT
Etag: "63652edb-1d7"
Expires: Sun, 06 Nov 2022 16:09:05 GMT
Last-Modified: Fri, 04 Nov 2022 15:25:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432844&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432844&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432844&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:55 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=XPZiPf6TckAcCl9XLq9HRBSZjuOaJl8fEYZDIGNuf4E%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_20346-28415
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432858&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432858&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1667611432858&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:55 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=iLMLCGAuO2df08z72IHEendfu3C%2fGcuJfdgtILGzab8%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:55 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19279-56951
www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432850&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32
163.171.131.129200 OK 43 B URL HTTP/1.1 www--wellsfargo--com--wr49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432850&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32
IP 163.171.131.129:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1667611432850&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--wr49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!rIGBwXF9AEgCxHGlRSgBVljp+3g9lW4KGpwpnoVu5CfwNkMwYecpAfRP+X7dLKyIHr3YSkaq4HaCO5w=; utag_main=v_id:0184456310ef001f683ac3aa266500050003e00900918$_sn:1$_se:2$_ss:0$_st:1667613232724$ses_id:1667611431152%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:1bcb6319-cfb5-4425-be99-962a60ec22cc|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:60; __ts_xfdF3__=793453894; dti_apg=%7B%22_rt%22%3A%22DQ0SW6As0yDJ8CmqvzrJ7o4aCPu4lkau72g5%2BDac1%2BE%3D%22%2C%22_s%22%3A%22RhtSSsYQ%22%2C%22c%22%3A%22MDhVSEhKOGlsQ1Joc2c3UA%3D%3D1xftMYwSm0VCNXobzWeZI4_9qAcxoCwTy0xf_sMBm9vQ4GRJzhiJvPNXSQM07iKAHu-NKSzIsaPHs5FqgRzY8snZZg1YXTGlRMg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C23260088063362468863200146012438003895%7CMCAAMLH-1668216232%7C6%7CMCAAMB-1667611431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-669649968%7CMCOPTOUT-1667618632s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=0e9a1d12-9d89-44ad-8748-6b064dde2f06; _cls_s=1aa64e31-851d-4dce-9953-dbaf8fcdb0fc:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 01:23:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Nov 2022 01:23:55 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Wo8SCe2Q22tKrgpCGB2eE6Bc002zeb23CSCCxBvLjxO6ml148USuLrAIWJJgviuK; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6365bb2a_bl22_19312-61630
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.060667689297008054
23.36.79.24200 OK 35 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.060667689297008054
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4c94195dee43bebcf8e4711f95a4fca2
0c623e59c97ec8cbe1c77ac215eec41589af394f
f72bc2f04e44f3093ff81eae33c6ab5f20986dc199ada5a81c449fc08b076b4c
GET /AIDO/mint.js?dt=login&r=0.060667689297008054 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 34704
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 05 Nov 2022 01:23:55 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=d6gaWxtjY2N3zZEHj9wZcxzfev7ldZcBB63lMwJ%2flU+o81Ik4iHmkdkW92ceBC3A; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
23.36.79.24200 OK 17 kB URL HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2285)
Hash a57713f2da7cad0d78dbef9a38942154
5d45319f79ad8b73ca2827ed66f70887c7b94bca
42011a03ee1dd38d6a1f011f962d80b08ce1ca453080ef277a0c98f08a76051f
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
X-Cnection: close
Content-Length: 16945
Date: Sat, 05 Nov 2022 01:23:55 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:83997cb3-6b28-4704-8511-beda466af0e7; Expires=Sat, 05-Nov-2022 01:24:25 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:83997cb3-6b28-4704-8511-beda466af0e7|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05-Nov-2022 01:24:25 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 05-Nov-2022 01:24:25 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 05-Nov-2022 01:24:25 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sat, 05-Nov-2022 01:24:25 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=EJPcZMtx4gebP6idiKGnPOH%2fR7lx7vTZezLggPJq22wzn0m2H54mJOTmXzFZjseQ; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:55 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/dti_apg/api/dip/v1/dip
23.36.79.24200 OK 206 B URL HTTP/1.1 connect.secure.wellsfargo.com/dti_apg/api/dip/v1/dip
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 4e5ed33743d3241928acdf771e843fea
eb0218c2bbe520c0b4c26c357dab9a658e90841f
a9bee732ac0f9daaf9b68727998d904158d23018ee62d9fe56889bebc4791be1
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2028
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 206
Access-Control-Allow-Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Vary: Origin, Accept-Encoding
x-envoy-upstream-service-time: 10
Date: Sat, 05 Nov 2022 01:23:55 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=S%2fBd77pjsgvjN%2fjiN%2fXIX32gYNp021O%2fNFEAixFXd9%2fIhDg6M3pQJ4DFBCP9Plbh; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:55 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.24200 OK 34 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash f0d164beac8f1e9ffff0ba977ae89908
0a77c35f78dffe056b15833a4b9ae33944ac789b
ce726ef44e84d03f2a87f58418c87743594c98ae4afdfabc35f279ad2e3bccb4
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 34013
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Sat, 05 Nov 2022 01:23:55 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=0kT8cVxQGD7dyIiEY5gs5oGElZnYnwgxTUlCg%2fPLept2MPO8tJYBRtdkBLTDTmQm; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
50.112.174.169200 OK 35 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 50.112.174.169:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11205
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 01:23:55 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:730517c6-2fc0-4339-ba0e-91eeeac8d4ac;Path=/;Expires=Sat, 05-Nov-2022 01:24:25 GMT;Max-Age=30
ADRUM_BTa=R:55|g:730517c6-2fc0-4339-ba0e-91eeeac8d4ac|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Sat, 05-Nov-2022 01:24:25 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Sat, 05-Nov-2022 01:24:25 GMT;Max-Age=30;Secure
ADRUM_BT1=R:55|i:559461;Path=/;Expires=Sat, 05-Nov-2022 01:24:25 GMT;Max-Age=30
ADRUM_BT1=R:55|i:559461|e:1;Path=/;Expires=Sat, 05-Nov-2022 01:24:25 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5de5a7ee16d3f3164758282fbecef0a3
82fb2ac7d306e1f9724adc0ba2ef9e549baa9100
ad55f91c5fb1f872310a5f5777a65b79a338138d241a674449da2e0edde1f2ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 01:23:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1487898131.1667611433&jid=1205856925&_u=4GBACUAKBAAAAC~&z=1091694053
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1487898131.1667611433&jid=1205856925&_u=4GBACUAKBAAAAC~&z=1091694053
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1487898131.1667611433&jid=1205856925&_u=4GBACUAKBAAAAC~&z=1091694053 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:23:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1667611433228&cv=9&fst=1667611433228&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&hn=www.google.com&async=1
142.250.74.98302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1667611433228&cv=9&fst=1667611433228&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&hn=www.google.com&async=1
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/984436569/?random=1667611433228&cv=9&fst=1667611433228&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&hn=www.google.com&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:23:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/984436569/?random=1667611433228&cv=9&fst=1667610000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&async=1&is_vtc=1&random=3455571668&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Nov-2022 01:38:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1666757456297
67.208.167.225200 OK 2.3 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1666757456297
IP 67.208.167.225:0
File type ASCII text, with very long lines (7108), with no line terminators
Hash 69248df2e4cd19badf361961108eec5e
86054d9394816797a159f91274bf9c97033a9024
4879bdd8f9d0bd0597e5df3170a4164ca2ca3aaab294b91dd49332db9d36f290
GET /media/launch/sdkChatLoader.min.js?codeVersion=1666757456297 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "6Cu8yUJ1UkL"
Last-Modified: Wed, 26 Oct 2022 04:01:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2292
Date: Sat, 05 Nov 2022 01:23:55 GMT
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
50.112.174.169200 OK 68 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 50.112.174.169:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1c56c7fb90221afddf56da30158ad2ef
8a845fff26270c2638fd6ec75423cae4903a8f49
925eef11602c9b08e433a33ce4d5c86a5f2f8b1dd959a04b0fac5490cf688f6e
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 01:23:55 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1666757456297
67.208.167.225200 OK 32 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1666757456297
IP 67.208.167.225:0
File type Unicode text, UTF-8 text, with very long lines (59866)
Hash 60b986c9fc7d0d86f391c5cdb7bad000
6a5b7babf6cf6e0c82d08c39d4b7fe4b2e26e225
a64901f298f6224683ae659a5ba807659daf4d4cfdbece3e4125af288084f820
GET /media/launch/site_10006005_default_helper.js?codeVersion=1666757456297 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "GM59iyG41n+"
Last-Modified: Wed, 26 Oct 2022 04:11:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Sat, 05 Nov 2022 01:23:55 GMT
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBPVUVzb0RmYVJSN3ptYmJxRWxXY1dNVndkbUtIc0ZLNTVuaFhaL0gxMVpZellvaUs3ZGVkbEJpYWlZWmVuL0J6OWI5bnRobU5XSDFuam84YmZ5RVFqLzN3S3ZhSmg1bVl2MkNpdlk3NnhQN1Q5ZU5oWkx2eEVOZWJVM3BOQS8zblJIbnZxSTBhbll3dTV4dUtiKzJTM09kYVlTZU5BZDdQc0E4TUZsZy91cVVDODJGU0tHSGhzYjN0aXdINEVzVXhlWERPeG1jRmIrb01McTNQaHlzbysxUzY2ek81QVplYlVUTTVkZnNrS0x6eHNqOUYvWFB3c0hyMlhFZjI5bE00WWJtSnRlRC9EYkRKdU90ZkZQT09RUm9WUEk2MnZ1ZHllQjN4b2U5dURycld3V0pTS2VWRExxcmt2RHAxaHRVRGZiRUlyelQ1eUlDUnBlcGc3VDdicHcxZEU1V1BGcFhSMXpFckJuVE93NlZYTTNyQ01pVE55Q25oUjFPdkpoY3EwM1ZZS21UbkFhMzVOVGovWWdDRnNUWVR8N2QwYzkwYjJkMmJkMzQ5ODFiYzI1YThhMTRmOGFiZDQ5MTMwMDc5M2Q0NWI1MWRmMmU3NWM5ZDBiOGFlODc1M2QzYmY3MWU3MDgwMTMzZWFiMzdmZDQ4YzA0ZTA5MTJkZDhhYWE3ZmVkMjU5NGNkMDRhMTAyYWNmMmE2ZWVmMzYyNWVjNDg4MTliMGM3ODY1ZGRkOWJhNjk4NGRkMzE1YWFjYTYxMTZmMzJiNzhhNmZjM2JlOTgxOTc1MmQyYzJmNzJlN2ZkM2Q1Y2Q3YzU2ZTczNjU3ZGVkOTFjNmFmZjYzNDUyNDMwZDljYzRiYTNhN2I3YmYyZDNjOTFmYTE0ZDExZTg3NWFlZTM5YWUzOTZiMTBhN2M4NDQzOTZjODE1ZGU2YTVlYjdlOTY2ODJjZjQxMjdiZTg4NzI3ZTlkMjI0ODMzODFmYTZiNzVjNzgzMDgwZjNhOTBiNTljZmQ2MDZiOWUxZjJhNzcwNTQzM2EyYTE3NzVkYzMwMDQ3NjhlZjRkNTM3YmZkOWVjMDEzNjk3NjQ3NTNmYjNlOGMyZDBkNmQyZTE5NTkyZjVmNTQ0NzY1NzM2MjBiNzMwMGYxNGEwMTYyNTEwMDkyMjhkNTQ4NjRhODliNDYyNTViNDdjZTBkZWI2ZTk4OGQ2OTllNDNhYjBiYjFjNzk4ZmVhZmR8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com&t=jsonp&c=qfyqasezmawknlpp&eu=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
23.36.79.24200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBPVUVzb0RmYVJSN3ptYmJxRWxXY1dNVndkbUtIc0ZLNTVuaFhaL0gxMVpZellvaUs3ZGVkbEJpYWlZWmVuL0J6OWI5bnRobU5XSDFuam84YmZ5RVFqLzN3S3ZhSmg1bVl2MkNpdlk3NnhQN1Q5ZU5oWkx2eEVOZWJVM3BOQS8zblJIbnZxSTBhbll3dTV4dUtiKzJTM09kYVlTZU5BZDdQc0E4TUZsZy91cVVDODJGU0tHSGhzYjN0aXdINEVzVXhlWERPeG1jRmIrb01McTNQaHlzbysxUzY2ek81QVplYlVUTTVkZnNrS0x6eHNqOUYvWFB3c0hyMlhFZjI5bE00WWJtSnRlRC9EYkRKdU90ZkZQT09RUm9WUEk2MnZ1ZHllQjN4b2U5dURycld3V0pTS2VWRExxcmt2RHAxaHRVRGZiRUlyelQ1eUlDUnBlcGc3VDdicHcxZEU1V1BGcFhSMXpFckJuVE93NlZYTTNyQ01pVE55Q25oUjFPdkpoY3EwM1ZZS21UbkFhMzVOVGovWWdDRnNUWVR8N2QwYzkwYjJkMmJkMzQ5ODFiYzI1YThhMTRmOGFiZDQ5MTMwMDc5M2Q0NWI1MWRmMmU3NWM5ZDBiOGFlODc1M2QzYmY3MWU3MDgwMTMzZWFiMzdmZDQ4YzA0ZTA5MTJkZDhhYWE3ZmVkMjU5NGNkMDRhMTAyYWNmMmE2ZWVmMzYyNWVjNDg4MTliMGM3ODY1ZGRkOWJhNjk4NGRkMzE1YWFjYTYxMTZmMzJiNzhhNmZjM2JlOTgxOTc1MmQyYzJmNzJlN2ZkM2Q1Y2Q3YzU2ZTczNjU3ZGVkOTFjNmFmZjYzNDUyNDMwZDljYzRiYTNhN2I3YmYyZDNjOTFmYTE0ZDExZTg3NWFlZTM5YWUzOTZiMTBhN2M4NDQzOTZjODE1ZGU2YTVlYjdlOTY2ODJjZjQxMjdiZTg4NzI3ZTlkMjI0ODMzODFmYTZiNzVjNzgzMDgwZjNhOTBiNTljZmQ2MDZiOWUxZjJhNzcwNTQzM2EyYTE3NzVkYzMwMDQ3NjhlZjRkNTM3YmZkOWVjMDEzNjk3NjQ3NTNmYjNlOGMyZDBkNmQyZTE5NTkyZjVmNTQ0NzY1NzM2MjBiNzMwMGYxNGEwMTYyNTEwMDkyMjhkNTQ4NjRhODliNDYyNTViNDdjZTBkZWI2ZTk4OGQ2OTllNDNhYjBiYjFjNzk4ZmVhZmR8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com&t=jsonp&c=qfyqasezmawknlpp&eu=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash bd2295e73612c0afcddcbad35856dc66
dac296861916ca3f3450278fb5480cfdf6210723
56eb071264f15a8a4c7d4a6ebdff51901936f3237d1613695cfabc0bb33cf57b
GET /AIDO/vyHb?d=ZW5jZEBPVUVzb0RmYVJSN3ptYmJxRWxXY1dNVndkbUtIc0ZLNTVuaFhaL0gxMVpZellvaUs3ZGVkbEJpYWlZWmVuL0J6OWI5bnRobU5XSDFuam84YmZ5RVFqLzN3S3ZhSmg1bVl2MkNpdlk3NnhQN1Q5ZU5oWkx2eEVOZWJVM3BOQS8zblJIbnZxSTBhbll3dTV4dUtiKzJTM09kYVlTZU5BZDdQc0E4TUZsZy91cVVDODJGU0tHSGhzYjN0aXdINEVzVXhlWERPeG1jRmIrb01McTNQaHlzbysxUzY2ek81QVplYlVUTTVkZnNrS0x6eHNqOUYvWFB3c0hyMlhFZjI5bE00WWJtSnRlRC9EYkRKdU90ZkZQT09RUm9WUEk2MnZ1ZHllQjN4b2U5dURycld3V0pTS2VWRExxcmt2RHAxaHRVRGZiRUlyelQ1eUlDUnBlcGc3VDdicHcxZEU1V1BGcFhSMXpFckJuVE93NlZYTTNyQ01pVE55Q25oUjFPdkpoY3EwM1ZZS21UbkFhMzVOVGovWWdDRnNUWVR8N2QwYzkwYjJkMmJkMzQ5ODFiYzI1YThhMTRmOGFiZDQ5MTMwMDc5M2Q0NWI1MWRmMmU3NWM5ZDBiOGFlODc1M2QzYmY3MWU3MDgwMTMzZWFiMzdmZDQ4YzA0ZTA5MTJkZDhhYWE3ZmVkMjU5NGNkMDRhMTAyYWNmMmE2ZWVmMzYyNWVjNDg4MTliMGM3ODY1ZGRkOWJhNjk4NGRkMzE1YWFjYTYxMTZmMzJiNzhhNmZjM2JlOTgxOTc1MmQyYzJmNzJlN2ZkM2Q1Y2Q3YzU2ZTczNjU3ZGVkOTFjNmFmZjYzNDUyNDMwZDljYzRiYTNhN2I3YmYyZDNjOTFmYTE0ZDExZTg3NWFlZTM5YWUzOTZiMTBhN2M4NDQzOTZjODE1ZGU2YTVlYjdlOTY2ODJjZjQxMjdiZTg4NzI3ZTlkMjI0ODMzODFmYTZiNzVjNzgzMDgwZjNhOTBiNTljZmQ2MDZiOWUxZjJhNzcwNTQzM2EyYTE3NzVkYzMwMDQ3NjhlZjRkNTM3YmZkOWVjMDEzNjk3NjQ3NTNmYjNlOGMyZDBkNmQyZTE5NTkyZjVmNTQ0NzY1NzM2MjBiNzMwMGYxNGEwMTYyNTEwMDkyMjhkNTQ4NjRhODliNDYyNTViNDdjZTBkZWI2ZTk4OGQ2OTllNDNhYjBiYjFjNzk4ZmVhZmR8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com&t=jsonp&c=qfyqasezmawknlpp&eu=https%3A%2F%2Fwww--wellsfargo--com--wr49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Sat, 05 Nov 2022 01:23:56 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=R8xXf3bzMCwpxaSUXgwsIP07TthpCfNEIVOxAh%2f0nWeQLWWXMWaqBMZ28KECXmwg; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:55 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1666757456297
67.208.167.225200 OK 26 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1666757456297
IP 67.208.167.225:0
File type ASCII text, with very long lines (5905)
Hash 0f049c0c13b09b3704fbd53f7e4632fd
9b799cd267c63fa239104d6d2be2ba1e247ef22e
27a7c8f26dfdbf924c8ccddb778c9511d13f0e09af4e1da6a9d1f9a4a7849f77
GET /media/launch/site_10006005_default_jssdk.js?codeVersion=1666757456297 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "HNrTdjmiBjh"
Last-Modified: Wed, 26 Oct 2022 04:11:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Sat, 05 Nov 2022 01:23:56 GMT
connect.secure.wellsfargo.com/dti_apg/api/imp/v1.0/report/?m&fq=load
23.36.79.24200 OK 265 B URL HTTP/1.1 connect.secure.wellsfargo.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 9bef644ece0fcd9ad1ac9c30cb849653
82793f703bc9c520a81b02b989e13eb20da2ae39
a24ffd1816104c9f508ea43687a3cc02e0bf11740d4e26b1f178fe66677d2dab
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Content-Length: 668
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com
Content-Type: text/plain
Content-Length: 265
Vary: Accept-Encoding
Date: Sat, 05 Nov 2022 01:23:56 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=i0AjzvAWndRisoKWJK7RjExtgFhZnjDqa1q4TSNk4n%2fSGY6f6lE0waWY2o+gz1bc; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Nov 2022 01:38:56 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1666757456297
67.208.167.225200 OK 137 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1666757456297
IP 67.208.167.225:0
Size 137 kB (136694 bytes)
Hash ab2bf767918aa77ef910741aa1cf0d54
44a3f23ecab27cde59fae459842d903d2b7f4d0d
3394c9643f0ab5ebfb15d537b20bcfdb4805fc2fdfe021369a2f2575daaf3b2b
GET /media/launch/all_10006005.json?codeVersion=1666757456297 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "H9RjAMC45l0"
Last-Modified: Wed, 26 Oct 2022 04:11:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/json
Transfer-Encoding: chunked
Date: Sat, 05 Nov 2022 01:23:56 GMT
media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1666757456297
67.208.167.225200 OK 133 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1666757456297
IP 67.208.167.225:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 133 kB (132853 bytes)
Hash 1d2a4a5c92d441b5f744de8e85ecbf1f
de0f12a642aa783fb071a17fe458ea7b0bddc80f
6948b491a1587b46c4bf38f6bcb132c6c9f1019dd00828c86a8238cfa19cb543
GET /media/launch/tcFramework_jssdk.min.js?codeVersion=1666757456297 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "DOa+UaSp/YU"
Last-Modified: Wed, 26 Oct 2022 04:01:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Sat, 05 Nov 2022 01:23:57 GMT
tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1666757456297
67.208.167.225200 OK 6.5 kB URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1666757456297
IP 67.208.167.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- Java source text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (807)
Hash 92c92a14d7348502d53a96ffb124e505
541bcbda5db19216712a37552092329b09a6301e
9f86b1cce23c8debd8f30ae3d4284689d83fe289f2e006e623e62eb0f90cbf67
GET /tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1666757456297 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "AN7QOU24IDr"
Last-Modified: Wed, 26 Oct 2022 03:56:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Content-Length: 6470
Date: Sat, 05 Nov 2022 01:23:58 GMT
tag-wellsfargo.nod-glb.nuance.com/tagserver/init/isTrustedDomain
67.208.167.225200 OK 0 B URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/init/isTrustedDomain
IP 67.208.167.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tagserver/init/isTrustedDomain HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 70
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1666757456297
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://tag-wellsfargo.nod-glb.nuance.com
Vary: Origin
Access-Control-Allow-Credentials: true
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Content-Type: text/html; charset=utf-8
Content-Length: 0
Date: Sat, 05 Nov 2022 01:23:58 GMT
tag-wellsfargo.nod-glb.nuance.com/tagserver/init/initFramework
67.208.167.225200 OK 236 B URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/init/initFramework
IP 67.208.167.225:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2a076bb9a1b5f81427a39859cc7338bb
641f60ed8a00b2298e04a103ae03922dc85d65d5
dc97b00edea8e8a54caf171639747ff89c4bb2634ea7c6481d5af41809c25fb3
POST /tagserver/init/initFramework HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 206
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1666757456297
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://tag-wellsfargo.nod-glb.nuance.com
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Content-Language: en-US
Content-Type: application/json; charset=UTF-8
Content-Length: 236
Date: Sat, 05 Nov 2022 01:23:58 GMT
tag-wellsfargo.nod-glb.nuance.com/tagserver/incrementality/onEvent
67.208.167.225200 OK 0 B URL HTTP/1.1 tag-wellsfargo.nod-glb.nuance.com/tagserver/incrementality/onEvent
IP 67.208.167.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tagserver/incrementality/onEvent HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 339
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1666757456297
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4282532481866938184%22%2C%22clntLag%22%3A1157%7D%2C%22v%22%3A3%2C%22vcnt%22%3A18%2C%22vtime%22%3A1667611437365%2C%22_acid%22%3A%22-1%22%2C%22_ss%22%3A%22unsold%22%2C%22CHM%22%3A%7B%22lpt%22%3A0%2C%22lastChat%22%3A%7B%7D%2C%22lastCallId%22%3A0%7D%2C%22_is%22%3A1667611437359%2C%22_iID%22%3A%22-42825324818669381841%22%2C%22_ig%22%3A%22CHAT%22%7D; inqSession_10006005=%7B%22tzOf%22%3A25200000%2C%22auu%22%3A0%2C%22_svMs%22%3A-1%2C%22_aTyp%22%3A3%2C%22l%22%3A%5B%5D%2C%22m%22%3A0%2C%22n%22%3A0%2C%22o%22%3A0%2C%22r%22%3A0%2C%22s%22%3A0%2C%22st%22%3A0%2C%22v%22%3A0%2C%22ab%22%3A0%2C%22G%22%3A0%2C%22ss%22%3A0%2C%22T%22%3A0%2C%22U%22%3A0%2C%22ag%22%3A0%2C%22V%22%3A0%2C%22Va%22%3A0%2C%22cA%22%3A1%2C%22cB%22%3A1%2C%22af%22%3A-1%2C%22cnA%22%3A0%2C%22at%22%3A%22WFB-MessengerApp-S%22%2C%22as%22%3A1%2C%22Ac%22%3A0%2C%22sa%22%3A0%2C%22cHn%22%3A0%2C%22hdg%22%3A%22%22%2C%22bcs%22%3A0%2C%22to%22%3A0%2C%22stv%22%3A0%2C%22pi%22%3A%22null%22%2C%22St%22%3A0%2C%22odcr%22%3A0%2C%22scI%22%3A%220%22%2C%22lpb%22%3A0%2C%22ay%22%3A0%2C%22aya%22%3A0%2C%22f%22%3A0%2C%22j%22%3A0%2C%22ahh%22%3A0%2C%22CDRC%22%3A0%2C%22CHM%22%3A%7B%22pmor%22%3Afalse%7D%2C%22_ssID%22%3A%22-42825324818669381841%22%2C%22rd%22%3A%22www--wellsfargo--com--wr49329d%22%2C%22sest%22%3A%22%22%2C%22_sT%22%3A0%2C%22ltt%22%3A1667611437359%2C%22C2CM%22%3A%7B%7D%7D; inqState_10006005=%7B%22VA%22%3A%5B%5D%2C%22_loy%22%3A1%2C%22_ssQ%22%3A%5B%222022-11-05T01%3A23%3A57.352Z%22%5D%2C%22_slq%22%3A%5B%5D%2C%22_cct%22%3A0%2C%22_sqc%22%3A0%2C%22_slc%22%3A0%2C%22cfl%22%3A9223372036854776000%2C%22t%22%3A28800000%2C%22u%22%3A0%2C%22w%22%3A28800000%2C%22x%22%3A0%2C%22y%22%3A0%2C%22z%22%3A28800000%2C%22aa%22%3A0%2C%22A%22%3A28800000%2C%22LDM%22%3A%7B%22lh%22%3A%5B%7B%22id%22%3A-1%2C%22cg%22%3A%5B%5D%7D%5D%7D%2C%22CHM%22%3A%7B%7D%2C%22fst%22%3A1667611437352%2C%22lst%22%3A1667611437352%2C%22_ist%22%3A%22ELIGIBLE%22%2C%22_sesT%22%3A0%2C%22C2CM%22%3A%7B%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://tag-wellsfargo.nod-glb.nuance.com
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Content-Language: en-US
Content-Type: application/json; charset=UTF-8
Content-Length: 0
Date: Sat, 05 Nov 2022 01:23:58 GMT
media-wellsfargo.nod-glb.nuance.com/media/launch/ci/InqFrameworkService.js?codeVersion=1666757456297
67.208.167.225200 OK 92 kB URL HTTP/1.1 media-wellsfargo.nod-glb.nuance.com/media/launch/ci/InqFrameworkService.js?codeVersion=1666757456297
IP 67.208.167.225:0
File type Unicode text, UTF-8 text, with very long lines (39886), with NEL line terminators
Hash 3f67d03c5af2aaadad6915c81d31e79f
21b80c2b1dd4bea7bf9adc229c15b053fd9caeca
7c08e00ad6d134965107baaacd6251d4a9e08e7dc61c8f14f6047d6c461b4f9e
GET /media/launch/ci/InqFrameworkService.js?codeVersion=1666757456297 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "+UpLmzzc26/"
Last-Modified: Wed, 26 Oct 2022 04:01:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Sat, 05 Nov 2022 01:23:58 GMT
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fc9b492d6cc0a516998cec9fa5dc2a0
1082e5e96362a4960929c59ff1d4d995cb28f40d
3dc82302d8615c615526cc9a828844d291d775d05ff7174f8d6b82b7172b2908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9006
x-amzn-requestid: 1a0ea36b-a610-485c-be62-b6950288afbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGIVGGG7oAMFXJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658753-2fc408853092bf61646b7584;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:42:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xdg0glkctHhh3-kmb8HhwEnYjcxchpOLF4DrDIkICI7fSiHpIRPKIw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:07 GMT
age: 11032
etag: "1082e5e96362a4960929c59ff1d4d995cb28f40d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
50.112.174.169200 OK 0 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 50.112.174.169:0
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--wr49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 01:23:55 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2