Report - www--wellsfargo--com--6449329d48d6c.wsipv6.com/

Report Overview

Submitted URL
www--wellsfargo--com--6449329d48d6c.wsipv6.com/
IP
163.171.131.129
ASN
#54994 QUANTILNETWORKS
Submitted
2022-12-08 01:30:56
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Wells Fargo

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
connect.secure.wellsfargo.com	11812	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	1.3 MB	23.36.79.24
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
ocsp.dcocsp.cn	33518	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	1.1 kB	79.133.176.228
www17.wellsfargomedia.com	76964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	525 kB	104.110.27.78
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.186.209.73
dpm.demdex.net	204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.3 kB	34.247.60.250
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	666 B	142.250.74.110
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	745 B	1.1 kB	142.250.74.130
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
2549153.fls.doubleclick.net	30024	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	1.2 kB	142.250.74.38
pdx-col.eum-appdynamics.com	4816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	2.4 kB	54.245.191.186
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	591 B	349 B	157.240.200.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www--wellsfargo--com--6449329d48d6c.wsipv6.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	72 kB	687 kB	163.171.131.129
static.wellsfargo.com	12306	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	451 kB	23.36.79.26
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
wellsfargobankna.demdex.net	10546	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	562 B	1.2 kB	52.212.61.205
rubicon.wellsfargo.com	11786	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	625 B	1.1 kB	23.36.79.9
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	7.0 kB	142.250.74.131
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	873 B	1.4 kB	142.250.74.162
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	7.0 kB	93.184.220.29
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	541 B	694 B	142.250.74.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-12-07	medium	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-12-07	medium	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-12-07	medium	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	Wells Fargo & Company

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	199 B	2023-03-07	2024-03-28
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-03-28 17:41:48 Times Seen2469 Hash e086f28166bf73bc94e3cd49222ba6b3 e672fcd875785616f34372b6dd2a8245edbd0ca6 268683f78bf540a4628d352b35364a4405e8f1693eaee6a34e081045b1f95e54 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js	45 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4864 Hash 5f310e2e2a558d76b916e137aee73462 c7ff0190c9c2c414321211f3863e9e27f32b713e 385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	390 B	2023-03-08	2023-03-08
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:15 Last Seen2023-03-08 21:19:15 Times Seen1 Hash 480e09915d01eb7ce3f1e4a81c47338f 2d3c20b62992a26acd26916713ab0931ea590e63 4184361319d6abcdbd5ca072eb57ec774eb1162064c6c328cc3b1ff73e8de04e Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	114 B	2023-03-08	2023-04-13
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:59:53 Last Seen2023-04-13 08:50:12 Times Seen270 Hash 365ddb72c37cebb912aa0592fee6d67b 4db151969054fda826b478c23c47ca594d1aefdf 3ee0b2776fac2745ea071d2476528f6190f67abe0491ce74aedbb02f2bd7e0b6 Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js	538 kB	2023-03-08	2023-03-13
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2023-03-13 19:24:38 Times Seen1 Hash 2527531002b85960239d82afa22c7acb 602fb4f7cec1213a27fca1773c78af27678475e4 58020c2639ef4df91190872d5dda8cb517fbdde491cb2fde718916b58f3b57d1 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 01:56:43 Times Seen37052555 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js	56 kB	2023-03-08	2023-03-13
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:44 Last Seen2023-03-13 04:06:15 Times Seen1 Hash 69d78e2cf9a8928376449948d17e716e 32495fc43cfe023a0441b5ac991168db0de39a98 f9dd179ea0ec98ffe4c687564c30584fe4ef8fcdf03347d8f3657eee6958c61b Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single	11 kB	2023-03-08	2023-03-08
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:15 Last Seen2023-03-08 21:19:15 Times Seen1 Hash a752275c22a360b61bd1c3b26eb847d1 c17e0aec13929977d3d700705241bc81dc72d923 7c7c8fc99fad8cc2d7df2a1680074a70985b6b69add858ec9c22d3ab216d73d1 Loading...

	static.wellsfargo.com/tracking/hp/utag.js	205 kB	2023-03-08	2023-03-13
Pretty URL static.wellsfargo.com/tracking/hp/utag.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:07 Last Seen2023-03-13 03:25:42 Times Seen1 Hash c49f02d7e266f43a86d049fb03ec2e84 81f75202544d483a0ec714ddf4d90470c09f4a72 a1c2d9ec5a1e85656556a423d105950bf1ba6c71324ba02fa3b3358f1cb4bd65 Loading...

	connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js	1.2 kB	2023-03-08	2023-03-13
Pretty URL connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js IP 23.36.79.24 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:55:54 Last Seen2023-03-13 18:26:06 Times Seen1 Hash 439057c862d1967b1aeeacd491fb6d6a 5a7e1d2191e546aea4ff59a752a834afc89890c0 ae212a56fa9bf5613e72d1d44ca54d5ac9854447f3a537f5b148064e8ab7083e Loading...

	static.wellsfargo.com/tracking/gb/detector-dom.min.js	440 kB	2023-03-08	2023-04-13
Pretty URL static.wellsfargo.com/tracking/gb/detector-dom.min.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:07 Last Seen2023-04-13 08:50:50 Times Seen267 Hash d980391562cb88335867228eb62355e0 ee7af0c08ee43ff66f6bba09c08852f7b3859a42 313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd Loading...

	static.wellsfargo.com/tracking/ga/ec.js	2.8 kB	2023-03-07	2024-03-28
Pretty URL static.wellsfargo.com/tracking/ga/ec.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-03-28 17:41:50 Times Seen4661 Hash 0ae62a83927125e9b9dfa97f89af9d3f efb68f49f2b9b6b5567bf26a17015ede289e429d 618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089 Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	691 B	2023-03-07	2024-03-28
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-03-28 17:41:49 Times Seen2441 Hash 48aed8d68c7d2fffc25f5635f592d555 910339ea378c481f21efced8b39c292816bc2fbd 54900b733cd406a3d2232358c17db394d9c2b5118167fbdf4f769a105635a6e2 Loading...

	static.wellsfargo.com/tracking/ga/ga_conversion_async.js	36 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/ga/ga_conversion_async.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4900 Hash 0a40602db7616a31c9da4548ee920190 878e01cb0c90cb247aabc137327655a6fcffcbd5 6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	126 B	2023-03-07	2024-03-28
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-03-28 17:41:49 Times Seen2471 Hash f1b0375ca8995f583d4f31df97c9e172 d901e5604947f5b57d3bda7a78e92cdcef0439ec a6117a82be9fcdf7e808ce5f2a8b37a4b0dc1dd7052feb6088fc72f32503343d Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	252 B	2023-03-07	2024-04-24
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 01:46:25 Times Seen2499 Hash 4f6526fc5cfbf8f77c674e5cb40c36d6 94bb860d263ab388eea733a7a0e7fc00717d0637 06249a30772721e1f681be4a0d74c05a58b36a266c273eafdbe86ebcca83aabc Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMCNWu-EAQAAtb18JPLevGML_CvtfjmQSNryDXJQwXUSRGR5glowJ7hDS6-b&X-G2Q3kxs3--z=q	266 kB	2023-03-08	2023-03-08
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMCNWu-EAQAAtb18JPLevGML_CvtfjmQSNryDXJQwXUSRGR5glowJ7hDS6-b&X-G2Q3kxs3--z=q IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:12 Last Seen2023-03-08 21:19:16 Times Seen1 Hash 71dc600b3a72093bc491f7c07c4228cb 16a436670bb7c84fdee231bd37ad688ed9788919 11f068a37c3e17c027512c1464dd7b938d9a07510da0747d05d5a14c1b4f18ec Loading...

	static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1	117 kB	2023-03-08	2023-09-21
Pretty URL static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1 IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:36:56 Last Seen2023-09-21 03:50:16 Times Seen11701 Hash 91c536ff4d2c8db1822702f866e60b08 3370d3721e28923f099da1985f718a88015975aa d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a Loading...

	connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js	269 kB	2023-03-08	2023-03-08
Pretty URL connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js IP 23.36.79.24 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:15 Last Seen2023-03-08 21:19:15 Times Seen1 Hash 1b2bc7d3adc6b99f993197e0ad9d8a81 b51aaba8a414a05e2fccc78e1d96785e9b3ce2c6 a49aa0911ce87def376bd20083d203a9c3c3e45e04e929410710249970ea8f4e Loading...

	connect.secure.wellsfargo.com/AIDO/glu.js	69 kB	2023-03-08	2023-03-08
Pretty URL connect.secure.wellsfargo.com/AIDO/glu.js IP 23.36.79.24 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:15 Last Seen2023-03-08 21:19:15 Times Seen1 Hash b59523a4d296d4adef890a5156e9f624 fe03c32c303195f8bd99e80a3651ec197d4b717c dc558e9c2baafecfb69cd09ca312278d67c2c24ef04ef6080ceb850fa5de01a7 Loading...

	connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.046321261547937365	88 kB	2023-03-08	2023-03-08
Pretty URL connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.046321261547937365 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:15 Last Seen2023-03-08 21:19:15 Times Seen1 Hash c3622fa72f1bee893c52fbe2d8c58da2 a8994e4b0fc948c2e9af13aec78811cd50150872 eaa1f2df38ecc6d850ca5bddcde9ab943ffd48d49e0b6b0e5b6fb22f5403c9c9 Loading...

	static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	32 kB	2023-03-07	2023-11-04
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-11-04 00:29:39 Times Seen29 Hash 162100f507af8b50f1406bf3fc405ce5 cf0a2bf9b914710962e0dd7899b93ba5ceb5134d e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279 Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB	196 kB	2023-03-08	2023-03-12
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:47:01 Last Seen2023-03-12 21:10:57 Times Seen1 Hash b61f7de6cec194f0a00bdf64b7c3aa14 62b17d0d97ff2c18580f8adc67a8b95a339239eb 0c7b79ba74a86379afcd374b523379e8fa2239d920b9fa130ab4996de7590dc1 Loading...

	www--wellsfargo--com--6449329d48d6c.wsipv6.com/	306 B	2023-03-07	2023-04-05
Pretty URL www--wellsfargo--com--6449329d48d6c.wsipv6.com/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-04-05 02:01:42 Times Seen260 Hash bf7d1aee3b865a6842835bce8c0a0685 c5213d92fbf617eec79bcade5d93355daf5f199f a14e4c94d8fddca88038c337df0f10bc9bc25460c913bdb20c064ac48ca545a8 Loading...

	static.wellsfargo.com/tracking/ga/ga.js	49 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/ga/ga.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4882 Hash 8402e9ebdf9290c018b0617018227681 2d840fcd6c3008d9aca747ba0ce056b496db8e1b 0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22 Loading...

	connect.secure.wellsfargo.com/jenny/nd	52 kB	2023-03-08	2023-03-08
Pretty URL connect.secure.wellsfargo.com/jenny/nd IP 23.36.79.24 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:55:30 Last Seen2023-03-08 21:19:16 Times Seen1 Hash 93f1bd0f4c1d1f9b1aa3379a720721b5 4aa3da3f7c46709339f7a312ced78786a4b784ea 5ad99a28f66b7f8ad69d3ca5c335d69ef112fdad5b4a5b375cc324418ed6b0f4 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	2.0 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen4778 Hash e7cf4c458b327ab7ed31e0936ccd404f 970bf05073f91ad6b8f21521f7c9886f71f2af1d 52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js	48 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js IP 23.36.79.26 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4875 Hash aeccb854b0a76aa9f478e466c8011b29 625d31cbeb8978cf2419f58d14bba92a42dbb45c 7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6 Loading...

	connect.secure.wellsfargo.com/auth/static/prefs/atadun.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL connect.secure.wellsfargo.com/auth/static/prefs/atadun.js IP 23.36.79.24 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 19:43:46 Times Seen4753 Hash 566dda94252f1860a7a28665c715b530 6aa0455dc8ea41441b1f3a733985758dc40af736 43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903 Loading...

	connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBNTFlRU0hCN1B2OXQ2UU9YUTY5a3Vzbi9MRjJKdmc3OC8rUkJIK3F2d0JROFlxSGVicTltTDMwYnJ1emRVNGluSkh3UlZ2UUJCem44N1huNHdFZTZDUVZiekVoREV4dzNCemZ5V2plaGdMK253MmpSY0Y5azFQV0QyRTNsQXRaRHFGdXR4ZU4yVi9aS0xnd1poajM3Vk1HaW9Ebi9IQWhsRU5xRGZmMDlPRzhxdnBPWS90Q3F2THNYSHdCMXpRUm5vMmtONmQvVnFuNWxWRS9DbEMrVDlubDNDUDdQaW1mMGdUR3paaXJzV1EybWZGUlAwRmN5OVVoV2o0b28rcFl6WFN6bnlHVlpIWWhQYWFTV3pudU1UODVEbEN0eGdMand6ZkRoZ3I0PXxjNjEyYTE3MTc3MThlODlmZGVhNzFiOTg5NjBkZmI0ZDBmZmQ4MDBkYzlkYzVhOGIxZmU4MjJjZTI0YThmZGU2YTNhZThmNmM4YWE3NTk0ODBmNmJkMDQxMTQ2NzAwMjgxMWMwZThhYWVjODQ3NWJiZmIxOGUyODJmZmE5MTFhNDM5OTg3YTk1NjU3ZjBhM2U2MmU4N2RlZWE5YTlmZWIyMTQ5NjNhMjc1MGNjNmFiNzA2ZWJhYjRiNmFhYzczNzUzYzZjZGEyZGY1ZmRhZDA3NTYzY2E1N2IxZGRmZmZiZThlN2I0ZmVmZDcxMGUwMzI1NWQyZDA1OTE0NWIyNWM3MWZjY2JkYjNjMDhlNzM2ZmRiMzM1YTA4NWZiZDVkYjJlYTY0N2EwNDUxYjBiYjgwOTE2Y2YxNGIyMTIyZmY4NDY1MGJiM2NhZDhmNjAzZGMzODg2YWJkZGJkNzA4Yzg5MTI2ODUyOTllMzdjYjVjNDYwYTEyMjY0MjcwZjgwZjIzZmM4MzdlZDMzODUzMzA3ODE0Mzc1NThmZDk2MGIwODJkM2FlMDk0ZDE0MmI5M2JlZTRlYTNiZWEyMTYyZDFmNWFiMDZkYTU5MmY1MGZkZGJlMTFmMGE5MWVmMmRlYTFlM2Y3YjBkNjY3MjgwYmRmOWMzODQ2NDNlNDM4ZDk3N3wwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com&t=jsonp&c=lxboqvgilfpxhdrw&eu=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F	90 B	2023-03-08	2023-03-08
Pretty URL connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBNTFlRU0hCN1B2OXQ2UU9YUTY5a3Vzbi9MRjJKdmc3OC8rUkJIK3F2d0JROFlxSGVicTltTDMwYnJ1emRVNGluSkh3UlZ2UUJCem44N1huNHdFZTZDUVZiekVoREV4dzNCemZ5V2plaGdMK253MmpSY0Y5azFQV0QyRTNsQXRaRHFGdXR4ZU4yVi9aS0xnd1poajM3Vk1HaW9Ebi9IQWhsRU5xRGZmMDlPRzhxdnBPWS90Q3F2THNYSHdCMXpRUm5vMmtONmQvVnFuNWxWRS9DbEMrVDlubDNDUDdQaW1mMGdUR3paaXJzV1EybWZGUlAwRmN5OVVoV2o0b28rcFl6WFN6bnlHVlpIWWhQYWFTV3pudU1UODVEbEN0eGdMand6ZkRoZ3I0PXxjNjEyYTE3MTc3MThlODlmZGVhNzFiOTg5NjBkZmI0ZDBmZmQ4MDBkYzlkYzVhOGIxZmU4MjJjZTI0YThmZGU2YTNhZThmNmM4YWE3NTk0ODBmNmJkMDQxMTQ2NzAwMjgxMWMwZThhYWVjODQ3NWJiZmIxOGUyODJmZmE5MTFhNDM5OTg3YTk1NjU3ZjBhM2U2MmU4N2RlZWE5YTlmZWIyMTQ5NjNhMjc1MGNjNmFiNzA2ZWJhYjRiNmFhYzczNzUzYzZjZGEyZGY1ZmRhZDA3NTYzY2E1N2IxZGRmZmZiZThlN2I0ZmVmZDcxMGUwMzI1NWQyZDA1OTE0NWIyNWM3MWZjY2JkYjNjMDhlNzM2ZmRiMzM1YTA4NWZiZDVkYjJlYTY0N2EwNDUxYjBiYjgwOTE2Y2YxNGIyMTIyZmY4NDY1MGJiM2NhZDhmNjAzZGMzODg2YWJkZGJkNzA4Yzg5MTI2ODUyOTllMzdjYjVjNDYwYTEyMjY0MjcwZjgwZjIzZmM4MzdlZDMzODUzMzA3ODE0Mzc1NThmZDk2MGIwODJkM2FlMDk0ZDE0MmI5M2JlZTRlYTNiZWEyMTYyZDFmNWFiMDZkYTU5MmY1MGZkZGJlMTFmMGE5MWVmMmRlYTFlM2Y3YjBkNjY3MjgwYmRmOWMzODQ2NDNlNDM4ZDk3N3wwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com&t=jsonp&c=lxboqvgilfpxhdrw&eu=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:15 Last Seen2023-03-08 21:19:15 Times Seen1 Hash 02aed9848296a9b3a89292dcbd44bebd 0c7a6950babbc2379cd5055fcc51b2be44df9419 53e2fe29e9baa3a7e42e330df90f42cab65fac70adbe2838c52be1aaa8c389ad Loading...

	connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5817860576754121	78 kB	2023-03-08	2023-03-08
Pretty URL connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5817860576754121 IP 23.36.79.24 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:15 Last Seen2023-03-08 21:19:15 Times Seen1 Hash 3730904052c79153384483f7c12b76a0 1c4f7fa6151fd756ed0656de878be76dabe48796 80267fe6e7fd916de8b02b366b20dc2531b8ffc24f0d4305bbc2797c68f0fc95 Loading...

HTTP Transactions (139)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6444
Expires: Thu, 08 Dec 2022 03:18:08 GMT
Date: Thu, 08 Dec 2022 01:30:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3661
Expires: Thu, 08 Dec 2022 02:31:45 GMT
Date: Thu, 08 Dec 2022 01:30:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 01:08:06 GMT
content-type: application/json
age: 1358
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7695
Expires: Thu, 08 Dec 2022 03:38:59 GMT
Date: Thu, 08 Dec 2022 01:30:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: oVpyZI0hFYB3vERdLT97GaPOJBnC3ZfcUBHlyQJ85rrZQN0zp4OQNsD81qBkVKqci/o9WBR3QI0=
x-amz-request-id: 3BVRS6J7ETS4DDF5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 00:49:34 GMT
age: 2470
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 01:30:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.dcocsp.cn/

79.133.176.228

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
79.133.176.228:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
27c4362835c05b244608a470943792c1
fe63f386d5c88511610b38d415bb5c4cbed8e8e8
9361c4d19dad365304cf30b60cf88234693447bdbe8d6edcc2ee2e08119362c6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 08 Dec 2022 01:14:40 GMT
Last-Modified: Wed, 07 Dec 2022 14:24:42 GMT
ETag: "6390a22a-1d7"
Expires: Fri, 09 Dec 2022 14:24:42 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670462080
Via: cache21.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache6.gb1[0,0,200-0,H], cache6.gb1[1,0]
Age: 964
X-Cache: HIT TCP_HIT dirn:10:457043978
X-Swift-SaveTime: Thu, 08 Dec 2022 01:19:45 GMT
X-Swift-CacheTime: 3295
Timing-Allow-Origin: *
EagleId: 4f85b09a16704630446932730e

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 01:07:55 GMT
age: 1369
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1116
Cache-Control: max-age=114881
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:45 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:25:26 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

www--wellsfargo--com--6449329d48d6c.wsipv6.com/

163.171.131.129

200 OK

18 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Size
18 kB (17767 bytes)
Hash
18abe685623b4141ab8650937bcb6b28
5a3780c686dc9c5bb0116d11e64ca70b2e69a2b8
02ab8b4c43611e1ff3db758d0bbe8cfbb5ee911515eb09f499b17938c93a4b56

HTTP Headers

GET / HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 17767
Connection: keep-alive
Expires: -1
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-b31427d5-5b9b-489f-be60-9a4c5341ed4c' 'self' https://*.wellsfargo.com https://*.wfinterface.com;report-uri https://ort.wellsfargo.com/reporting/csp
Content-Language: en-US
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Akamai-Transformed: 9 21508 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf; Expires=Thu, 08-Dec-2022 01:31:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 08-Dec-2022 01:31:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Thu, 08-Dec-2022 01:31:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Thu, 08-Dec-2022 01:31:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:66; Expires=Thu, 08-Dec-2022 01:31:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202212071730441914226061; domain=.wellsfargo.com; path=/; expires=5 Dec 2032 01:30:44 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; path=/; Httponly; Secure
WesdAksn=A808W--EAQAAx_ch59RQ2sSOvch3QA6GVHU6j4AovqgE4vSPNYTr-reYb-MwAaOrg2CcuDv8wH8AAEB3AAAAAA|1|0|10f7b9c009fccd39eb85851891b7f4e5b344ef31; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=RSN5dnaDoFiVhR8BSf5SA57%2f%2fHkRtmBQIFhYp1Qzxve3Z2%2fNvMCJIzyvqTETNcIG; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:44 GMT;Httponly; Secure
_abck=01630F1C005467C70BA7B2CDB006B8BC~-1~YAAQHWgRYFsaKoqEAQAAtD1b7wmjqQ6gIqETykQIdYPLpuQDeKbaAIDXno2cL7QUwaYk35JOQbDzHIItIKMLe9HAb3RUZd/0TH01RVfvjZZFko7WQCk76/OepilfVm1lzBDq25A4gvzMLps3h5uPC8/Dn+4oqX4KxJHicfjPGADf51UX/kJXSgnKYS6mnqhsZVxhbLVrsJDGVQjTkzbTb/zJTaqzJXExYoLbeuYoDGxia2QNeMX1juMmYQ+i6kGa2y95Ts0PfoWXrTSz5VAwFU3t64f4jPOuY1PtqdKgrpOn0jw9ipksxEiF/NvwB8qOjF7x4twtB6QvmEGwCN3MjER3XoJTzb9HlHFTfcSZ8VH4xvj8Qzf9u1b3o9YRXDb4Pg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:45 GMT; Max-Age=31536000; Secure
bm_sz=0903502D617B60ECC4538BA77F8B4863~YAAQHWgRYFwaKoqEAQAAtD1b7xI4orLB48/7Hv/fCpOM3iIKo+lfKmXrrmeoI5XNk2xS/lLhBpfyv64thBkGylALqGd8yiaZ7v0jGiK6+WOozC9tYsGs7S94nD7CxWfp4see82Qbm847YSoSBGeiubLq5RobCKCsPXhFFjSgDZzavJa1fhrCx1e5k9Dvx7O929/dQgX6IXAi1Fx4FsAJuLSYTNhxKcKyJmAvTex5OEnjcewtGsMazJqBvNvOrPs8Cij3xxILXh4sL5nzrJeuYJsuNB1GZewEDo6CQ8mbvMypZ8s2E1+Y~3289926~3360052; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:44 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl22:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e44_bl21_27669-48499

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d33e77bc735a42c4569b77df1d3e53d9
5be5bef9347306b7ad0f696b817fd454a935a2b9
96aa8cb49643f5c99308d3075e7f535826c848ece72891daa0ca5a5c2b9e40c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5132
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:45 GMT
Last-Modified: Thu, 08 Dec 2022 00:05:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js

23.36.79.26

200 OK

901 B

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (1952), with no line terminators
Size
901 B (901 bytes)
Hash
5dcc7c101ced74367609685d577093f6
f0d8214335e3c33b634048b992afd536f5bd3e43
10aab16ccfb5374425dc6ee64453a7fe6d7b6dfa47ab65779f42c7db740da1ef

HTTP Headers

GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Thu, 08 Dec 2022 01:30:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Jr+BD9Mr4w1sLQbhFxBF4w%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png

104.110.27.78

200 OK

562 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
562 B (562 bytes)
Hash
dffe59af45e3b6e5d78ffcb4a1a5386a
f273b4eded463939c9a9ec7944a892d2a3921ed2
9bd4d77dfdadd6574d42e469c1968fffce0422134f4487f1d785367752743f96

HTTP Headers

GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a93697-769"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=1504400
expires: Sun, 25 Dec 2022 11:24:05 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png

104.110.27.78

200 OK

1.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1344 bytes)
Hash
20cf7cbf9f523ea23270f0140672e57d
61c40fed4a85b0ff069f6361f87ee77ff4207c2d
9d7f1fe0833268a6a9468b9fc19436ffe00b8596c67131b09361467deaed1b76

HTTP Headers

GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a93697-12d2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1344
content-type: image/webp
cache-control: private, no-transform, max-age=1091541
expires: Tue, 20 Dec 2022 16:43:06 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg

104.110.27.78

200 OK

35 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
35 kB (35078 bytes)
Hash
b4461eb744601a2ca1764ee8245185fe
8666c2c62e249f94da9721df78c7ce0cfbb587b5
e04eef1b087076cfd56ee5728e50ef2993dc739f5d1934c3196c7bf88019d386

HTTP Headers

GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62057fd1-14ef3"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 35078
content-type: image/webp
cache-control: private, no-transform, max-age=1385455
expires: Sat, 24 Dec 2022 02:21:40 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png

104.110.27.78

200 OK

1.7 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1710 bytes)
Hash
c5f6eb132665afa77e8ac7a1a707e951
70d65ab0dcfaace4c1d8bbb772af4fd7c6f66c80
0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac

HTTP Headers

GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61bcfcce-10c2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1710
content-type: image/webp
cache-control: private, no-transform, max-age=1319029
expires: Fri, 23 Dec 2022 07:54:34 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js

23.36.79.26

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (31790)
Size
11 kB (11076 bytes)
Hash
6d79a0dbc6ea2602aa38bbf53e43124e
8b53e45df3e4aea81cbfaa90081f6795bcfe39fc
d2aa003ecdd6c31e12964104bd23498a60e94fa2d163c6d1ff285db59f61bb6a

HTTP Headers

GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 12 Feb 2022 17:58:28 GMT
Vary: Accept-Encoding
ETag: W/"6207f544-7c61"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 11076
Date: Thu, 08 Dec 2022 01:30:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=efdMXIB8Jqa%2fg+X+PNCKzg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png

104.110.27.78

200 OK

2.5 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2496 bytes)
Hash
e3dfb8e67322de6a7be8c293043e69e1
9c2339e0b48afdfdcd908f78777be88c133d2aef
ea103ea932d2ebdd8e57887e4beabb394c21b6f260f49adfa8be4772cb61faec

HTTP Headers

GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618287e9-14da"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 2496
content-type: image/webp
cache-control: private, no-transform, max-age=1557087
expires: Mon, 26 Dec 2022 02:02:12 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png

104.110.27.78

200 OK

1.0 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.0 kB (1004 bytes)
Hash
2700367e62982f99dbdb7efa2e11328c
7db153f43a4bc9d95eb94e0d07404440b92ec129
8e16030cdf2d91809d0540f79aa3a3be4b83e4a9bf13bd91def3962f1484406f

HTTP Headers

GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a93697-f60"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 131
x-check-cacheable: YES
content-length: 1004
content-type: image/webp
cache-control: private, no-transform, max-age=1401930
expires: Sat, 24 Dec 2022 06:56:15 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg

104.110.27.78

200 OK

52 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x502, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
52 kB (51474 bytes)
Hash
67a063a06589a4e40465cffe34adf460
83bd779eab37f708db097c28d9eb4295c3ebdc13
e037cf255bed27ebd83c682b368532fc925848a9ff0e42d97132ac995e43bbdf

HTTP Headers

GET /assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a7e46d-172e2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 51474
content-type: image/webp
cache-control: private, no-transform, max-age=1401813
expires: Sat, 24 Dec 2022 06:54:18 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--6449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js

163.171.131.129

200 OK

57 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Size
57 kB (57297 bytes)
Hash
bf3200896bd105e86dc947dfa3c7fbf3
f39afea6027114a0d0378fd02736b71ff2f86df8
39472107f9bee2c7bd46249baa5b90c51bef93f866685c418f2a9b7175d5ed64

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 57297
Connection: keep-alive
Expires: Thu, 08 Dec 2022 02:00:45 GMT
Last-Modified: Wed, 19 Oct 2022 17:27:48 GMT
ETag: "63503394-2b951"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:5 (Cdn Cache Server V2.0), 1.1 bl21:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_26355-5518

www--wellsfargo--com--6449329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css

163.171.131.129

200 OK

24 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
24 kB (23639 bytes)
Hash
ab14fc94e9e3eda1147b33096ce78036
d2dc912ef40215c52466a63f55b3fcb274b1a3b9
fbdda4705c51998c24e57f486500422fdf801052b612b7d43272a0895e245207

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
openphish	Wells Fargo & Company

HTTP Headers

GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: text/css
Content-Length: 23639
Connection: keep-alive
Expires: Thu, 08 Dec 2022 02:00:45 GMT
Last-Modified: Wed, 19 Oct 2022 17:27:48 GMT
ETag: "63503394-29ee7"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:5 (Cdn Cache Server V2.0), 1.1 bl21:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_26325-2784

www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB

163.171.131.129

200 OK

76 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (76003 bytes)
Hash
5cf20c2d914939f0d2e7e12fa91f777d
29e375db191026973ca979d46bcaff2b165cef2f
f58e093bc623c37323179d5e6a862898b300479a5a6f56b826ab7b19c123333f

HTTP Headers

GET /ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: application/javascript
Content-Length: 76003
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 15:58:55 GMT
ETag: "93eab3a0bb65580813c7bd658963fe649b396249081ec8ae963c7388b973964b"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6X70bre5Y4aZyVh7uznK2Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=7946C1C7AA2335801E3435FA4EE06AFC~-1~YAAQHWgRYGYaKoqEAQAAmT5b7wk+JfoiHYX13Bj7urfjyc3wsdbB3yFD6frGLrCbBqJpx+80GxBZPwt2O5HaIeb8UQiuBtSzkR0fTupl7X+CIbKDfBx6hNAPYsWwmT/sVO88Djb2O1uxW/xuQuY0Dh5uSQj+EUHUfjFfwGa7vlN/Je9wobrWwhPdIRbz7DGQTt7RIKtaKUN75s44qUdSRHGw7U5wAR0Djow46Tg5KcN3cobaPVrHE6QOVqkR0LTH7c9ApB9sHKtLdljHkojZ/2fWp2Epl6QtaquigX35y7Q9YjUFxxRm5oz03Gw21QiiXCF762CQcIAX6LpHRwJW5x95BvUXyzSK4dfBs+BSM6Zwz/H36WF01b4jOrUTOsd9iQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:45 GMT; Max-Age=31536000; Secure
bm_sz=C1813CE4CC42BB44C9C344969EDA0EDA~YAAQHWgRYGcaKoqEAQAAmj5b7xLoIzQVqn3Cludr622PdzR/Ls0lnj56BvnemvwTAThLySrginJyIRdYp28ODat6mb6ocs1t7gVbl5N8JFricHdPNdwjXXkO1tnH48E0ZRXo5JyRQVYYHnPQ3pA1/lgF//BxCjQnzHlPNeWw9wV4YHnZr3/MP+BFquZl9fzlZwVDuwv/uk0vww2CLQkg8zWvym46GF9wTSI0jI67p36XmcsbT/w2GMUNlRQpF1EIKNbtzW71vp8UiWq/M7iYC3rlFt9stszAXXfYJDVzXZ+rFO8NNEr/~4342073~3425846; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:45 GMT; Max-Age=14400
X-Via: 1.1 bl21:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_26464-33500

push.services.mozilla.com/

54.186.209.73

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.209.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wpTm+9R32I9MUYlwYqRvcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2VLZ8LndUTBy+3SHSIRspEu0eQw=

www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single

163.171.131.129

200 OK

4.3 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (9269)
Size
4.3 kB (4283 bytes)
Hash
6961b7c1fd1d085cc7eaeebabd08c6bf
49a8463813f75a84221251499c1150107e6d9ea8
09f49a00ed454f11526f7fec46362bcd0eeb67980601c9444a5944af66dadc4a

HTTP Headers

GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4283
Connection: keep-alive
Content-Encoding: gzip
Expires: Thu, 08 Dec 2022 01:30:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A60-W--EAQAAq5UDYm3OpdPknDb_TWDUZJH5EPhydM1AkH_wdDvyaa7NXtQ-AaOrg1-cuDv8wH8AAEB3AAAAAA|1|0|a4f6a7f09c432c24ed6a23d1c6bc90a2c6ffc7a9; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=ndMPw4shNVsXaDUjf3DrtWFSuT35SSk7Ok6LthEbKNA%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:45 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_27669-48522

www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png

104.110.27.78

200 OK

49 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48569 bytes)
Hash
4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39

HTTP Headers

GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:04:58 GMT
etag: "62d9b16a-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=7699743
expires: Tue, 07 Mar 2023 04:19:48 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Size
22 kB (22424 bytes)
Hash
0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

HTTP Headers

GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1840593
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2

104.110.27.78

200 OK

23 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Size
23 kB (22600 bytes)
Hash
83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

HTTP Headers

GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1750452
expires: Wed, 28 Dec 2022 07:44:57 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Size
22 kB (22172 bytes)
Hash
f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

HTTP Headers

GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1817387
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Size
22 kB (21636 bytes)
Hash
1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc

HTTP Headers

GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=1750172
expires: Wed, 28 Dec 2022 07:40:17 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/hp/utag.js

23.36.79.26

200 OK

55 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/hp/utag.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (15536), with CRLF line terminators
Size
55 kB (54746 bytes)
Hash
a2ab4b46ad30f60866211f2fe5de68a3
125c39f1a776161eb319a742ae7ce621f4c38933
11f666b297e903717f7f8fb577dca1beb1db6bff324a2a99b4dc0c639f883452

HTTP Headers

GET /tracking/hp/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:35 GMT
Vary: Accept-Encoding
ETag: W/"632cc04b-32229"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54746
Date: Thu, 08 Dec 2022 01:30:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=TpOyOt8I%2f97WsskpTIGDNA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB

163.171.131.129

201 Created

18 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

HTTP Headers

POST /ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2165
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 201 Created
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=yiowil4M6MO7i2q9Zh%2frNg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=yiowil4M6MO7i2q9Zh%2frNg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=CBCA7C5160368CFC3191DE5239BB409A~-1~YAAQHWgRYHQaKoqEAQAAGkBb7wmatZtip9L+0hmX0j1X4g8eSFqbqQF3DyQKYeZwmdND3BL+UvWwyk//t3WP4RSvC6eWzTtrv5fnjaSKkNrwgwdWFTLDqkIg4VVKcqDv23iRNa0UDcFLZS32nOYUc96haCl5Thy5qZWlLIVnp0uxMTpJAd0sJHZNsBfcytXiKGCaL7OGIwftmvUixuH+yqbdXTQqTef0zvJ6AOliidQvUmrsirHRJ7tRxcQcaJYj68xkm3eExVxY3galI1GknsipW5lhUY6+ZjpkziJjAU45fP0c2X4bw8PDyn39Vqb/b4BaVAufkVM8sc1Qihexz/Kcdx/OxMbGSzvFl/9r9YEOi1devu/0m/2NoTBc/H3m0w==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:45 GMT; Max-Age=31536000; Secure
bm_sz=2FB03689366F4B9E76012E5243D0D4AC~YAAQHWgRYHUaKoqEAQAAGkBb7xJWGN/XP1FHwY9MSyfMQnhWLYXOfLt6bpxDpLnn2vi/+qA+Vjeu4QxuLS/VYRozasznhes3XiQhlIasdJhfDU15o6Q0gT8XZhr5FfGJ6hg+znJwoFjlWsZovmSdjCfx6FFULzkNJbmMheT9WcE/SM+iLtCtfpkg1px8wCjY1puoD6LAvdKKzT4EijIlFf5reyaqZiTYbTzRvhWudAzjvmsOXw9d4aiRpWspKCU6DbBAPlQywDP2r0zPwP5Y/lOriJh6H82kmcgUChkH3kEXRMOS1pEi~4342073~3425846; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:45 GMT; Max-Age=14400
X-Via: 1.1 bl21:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_26533-51838

www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMCNWu-EAQAAtb18JPLevGML_CvtfjmQSNryDXJQwXUSRGR5glowJ7hDS6-b&X-G2Q3kxs3--z=q

163.171.131.129

200 OK

149 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMCNWu-EAQAAtb18JPLevGML_CvtfjmQSNryDXJQwXUSRGR5glowJ7hDS6-b&X-G2Q3kxs3--z=q
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
149 kB (149304 bytes)
Hash
af371bb986cd654353c765d5e4c93c54
32ce8c9c62cafcab4d3c4bc4eba0c578401e13d3
4040d4113a6354a23fe46e1d7c0ee9a14285ea5612cafe1ee54c47d85964f379

HTTP Headers

GET /auth/login/static/js/general_alt.js?async&seed=AMCNWu-EAQAAtb18JPLevGML_CvtfjmQSNryDXJQwXUSRGR5glowJ7hDS6-b&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 149304
Connection: keep-alive
Content-Encoding: gzip
Expires: Thu, 08 Dec 2022 01:30:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A6Q_W--EAQAAj3aJT5-IXc6REqurXdva4_40L6Juilokqsolfee-a2Zed55cAaOrg1-cuDv8wH8AAEB3AAAAAA|1|0|61b4bfe4a2729bed88fe89ce3d27d75e4a97d687; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=Lgm97f33wgIeero8LcL8+LQMbQfmD3PUG1FcQcIP0N%2f6QriYj5uPjMlMocNcnlKY; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:45 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_26464-33522

www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png

104.110.27.78

200 OK

1.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.6 kB (1636 bytes)
Hash
b9d2c719de3d6701349f1134e129defe
703a51a2f72672f6b34a3dcf8d07c351143f9151
95ae72a8f3b1f5794802b2704b74bef2f29fe1b8da1f06c97a8e7ab2acb5e435

HTTP Headers

GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6116f9a6-dcf"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1636
content-type: image/webp
cache-control: private, no-transform, max-age=1399441
expires: Sat, 24 Dec 2022 06:14:46 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico

104.110.27.78

200 OK

9.2 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
9.2 kB (9198 bytes)
Hash
cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c

HTTP Headers

GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=44583
expires: Thu, 08 Dec 2022 13:53:48 GMT
date: Thu, 08 Dec 2022 01:30:45 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--6449329d48d6c.wsipv6.com/target/offers/conversations

163.171.131.129

200 OK

2.0 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/target/offers/conversations
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (9762), with no line terminators
Size
2.0 kB (1959 bytes)
Hash
715ba2e725d976d78e960d8a49030949
89fec64e941408b620a44ee475ddc5bc4008522c
571b5f0291bdbd84b5a4fb3ef91650c1a73df5a1f0a3028169c4532576ffd75c

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 1959
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-a0b38fc9-8d3c-4a6e-8e83-e26d80c7cc42' 'self' https://*.wellsfargo.com https://*.wfinterface.com;report-uri https://ort.wellsfargo.com/reporting/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:66; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1; Expires=Thu, 08-Dec-2022 01:31:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 08-Dec-2022 01:31:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Thu, 08-Dec-2022 01:31:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Thu, 08-Dec-2022 01:31:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:193; Expires=Thu, 08-Dec-2022 01:31:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202212071730451969406963; domain=.wellsfargo.com; path=/; expires=5 Dec 2032 01:30:45 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=9313EE44BC8F0ADFB1BC8F2BC07FD41A; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=9o63cdMtcRZuuI2iBLIT5S0cCvdGZT0lkE9QhHVm0qAa9mkH2+UhRdb6szfPiIV1; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:45 GMT;Httponly; Secure
_abck=71A1CC47816533FF6C76C16CA6D44025~-1~YAAQHWgRYH4aKoqEAQAAaEFb7wm9dV/oB/vlDX7np28kz9hnEQoBg4q0YKM441WoBoTxni5xKnMXQ34tdkP9XFtrIMzJhu/IP+vLBEIMk2oManZq9mpvUHSwBsy+2lEM0OxooLc1JtZHWl2A2R93p+gwdZuJRO1VoQFFU/u3xh+mEKBQuHob6crbBTBonuYdYzD81w7cFoZNKk48R34r+w37skb2USeZi9E7iNVxD8olyI8m7b1QVoU8FolkvCpLoAZZwSFowHAy2d8DAaBeVJdhmOBz/Y45Pk9ADZ1K1jCGzGZpM61bjvAHK41XRdsfnVN4SsY2jwEQe/DR2uBNhHY7bmxmpUgsWvq0c1sP90DYzEAcH+3jbJebhP3YWjs78A==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:45 GMT; Max-Age=31536000; Secure
bm_sz=48C8D8AA0ECFC445978BC0BB6AEB4ACC~YAAQHWgRYH8aKoqEAQAAaEFb7xKn4ajoYGhVM+8wRYGzpjEp11NVfXoIHvltZEh4gLD99FE6WQC6kNK9O1fzOskR0ouXi7JpEfneRwrCOpsAVL1FBg0h97hLri+DCUjIG/3bc5IUYU6zpdwliUSZUg8PDZe21NC3owqRRT2vg+H0FSvMjmhmBLSVDs8UmuKQMSvt3SGX+5FQ1Oc26dyN1uDYaLCTvXEg5NKD8vz8rXLFQFsuoXhNUAc2PzLKkasfZ3df1fGGTbuxhFlCB7wPjN86uw7Mn9Nd9dtK3lhrdEGFACXBxGKa~4342073~3425846; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:45 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl22:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_26325-2800

www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js

163.171.131.129

200 OK

306 kB

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65356)
Size
306 kB (305866 bytes)
Hash
0a73606e47133a2d2a13f7b5e1750e3c
8faaf759f275f0b66491df1c5077939099282044
cadbb05fc74ea8549b09ebed74da9dddf5499847acbcfaf7775b67a48abfc1ed

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:4$_ss:0$_st:1670464768032$ses_id:1670462785413%3Bexp-session$_pn:2%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; ADRUM_BTa=R:0|g:d257a793-03ad-4804-8dbc-3a73eccc99bf|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:66; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:45 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Thu, 08 Dec 2022 01:30:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=g6Vs%2fm79gnm5ToMNGHsqgTfGBknnFl5os+x%2f4ArBTTJT8zfVCaZfJjSE231TLQZe; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:45 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e45_bl21_26355-5534

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg

104.110.27.78

200 OK

55 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
55 kB (55048 bytes)
Hash
f9ab0764029883a1b5fedf81e7a450a1
b1f3593d1bf562f06bff4d9175d7ce10aa294f4f
4d2bd105b932b41bcf770bccfa190341867c5680f95df56ebaf24f6e8d8aefcb

HTTP Headers

GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "63505818-def7"
last-modified: Tue, 25 Oct 2022 21:17:29 GMT
server: Akamai Image Manager
x-serial: 1018
x-check-cacheable: YES
content-length: 55048
content-type: image/webp
cache-control: private, no-transform, max-age=1194312
expires: Wed, 21 Dec 2022 21:15:58 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg

104.110.27.78

200 OK

24 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (24386 bytes)
Hash
cb2701f69033671b5b2f3fec4c80f572
ab6a87369924fa513fa98e04677c2d332d5e25c1
9913aaf46bebf4d41ba3b37f686ba546b41faa33db9dc720a68bebd924121125

HTTP Headers

GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "635162e2-d177"
last-modified: Tue, 01 Nov 2022 22:03:11 GMT
server: Akamai Image Manager
x-serial: 1920
x-check-cacheable: YES
content-length: 24386
content-type: image/webp
cache-control: private, no-transform, max-age=1801869
expires: Wed, 28 Dec 2022 22:01:55 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/reflect_card_only_hppb_1700x700.jpg

104.110.27.78

200 OK

4.4 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/reflect_card_only_hppb_1700x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.4 kB (4398 bytes)
Hash
dc1423f2c7cc45f6f97be3757b8f8b52
93d350e9d1e93dd8c0340e803f675bfa7f59ae6b
b407a56b8cbd9727341490868500a4bcff59fd2e939a8d37a7d176e84634fd53

HTTP Headers

GET /assets/images/contextual/responsive/hpprimary/reflect_card_only_hppb_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "632c7aa6-1455f"
last-modified: Mon, 26 Sep 2022 21:16:21 GMT
server: Akamai Image Manager
content-length: 4398
content-type: image/webp
cache-control: private, no-transform, max-age=845526
expires: Sat, 17 Dec 2022 20:22:52 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg

104.110.27.78

200 OK

46 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 616x353, components 3\012- data
Size
46 kB (46359 bytes)
Hash
dcf7437b7a206b67e8a55258ceea28ae
88e53c53f0878df1b91a66feaaa14fd8fae4af48
360a07438b52ee265a76b81e252fa33b85d462168d6998b6e35df8df2899e9d3

HTTP Headers

GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "63505819-d82f"
last-modified: Thu, 20 Oct 2022 21:37:57 GMT
server: Akamai Image Manager
x-serial: 1019
x-check-cacheable: YES
content-length: 46359
content-type: image/jpeg
cache-control: private, no-transform, max-age=763680
expires: Fri, 16 Dec 2022 21:38:46 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png

104.110.27.78

200 OK

1.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1570 bytes)
Hash
9bab6d4f56255c3eb509223b9e20a4e4
9dab7ff41b34eb5a3ac57e0b09e6215b549b7136
e68a77a05fe5ce16c4f6aa3590d99909ddb57e180a0741736debbe26fd98233b

HTTP Headers

GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "633eedca-e69"
last-modified: Tue, 25 Oct 2022 20:39:05 GMT
server: Akamai Image Manager
content-length: 1570
content-type: image/webp
cache-control: private, no-transform, max-age=1192195
expires: Wed, 21 Dec 2022 20:40:41 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_b_mv_0723_3954_b_1600x700.jpg

104.110.27.78

200 OK

57 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_b_mv_0723_3954_b_1600x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x502, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
57 kB (56918 bytes)
Hash
8e01286a77c42c8aebfc80b3b90ccf1d
287926659bbfbacad8d19a53d898dfc1dc72849d
763d0bd81cbd64de88b68a828a3568c8744e60e19e89f921a5c6c2dc681d2554

HTTP Headers

GET /assets/images/contextual/responsive/lpromo/wfi_ph_b_mv_0723_3954_b_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62057fd1-1737b"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
x-serial: 542
x-check-cacheable: YES
content-length: 56918
content-type: image/webp
cache-control: private, no-transform, max-age=1403912
expires: Sat, 24 Dec 2022 07:29:18 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2330 bytes)
Hash
cd43a2d200f1b8eec84495408eb299f0
2eb173b0af9b49b634e0645a96931f5fdf6e3ab3
659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8

HTTP Headers

GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-9f2c"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 858
x-check-cacheable: YES
content-length: 2330
content-type: image/webp
cache-control: private, no-transform, max-age=1518035
expires: Sun, 25 Dec 2022 15:11:21 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2340 bytes)
Hash
2f9e97870725142046712437d067b97f
bf8db685193835edea05ac95e5671b24e0f49467
50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0

HTTP Headers

GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-cf3e"
last-modified: Thu, 14 Jul 2022 02:02:39 GMT
server: Akamai Image Manager
content-length: 2340
content-type: image/webp
cache-control: private, no-transform, max-age=1368965
expires: Fri, 23 Dec 2022 21:46:51 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png

104.110.27.78

200 OK

2.1 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2092 bytes)
Hash
bf02d082705f06162b2e73f68602e79e
219dbb45081fa5d8663bad2f96e9066e7f17aa6e
10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64

HTTP Headers

GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-7b35"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
x-serial: 416
x-check-cacheable: YES
content-length: 2092
content-type: image/webp
cache-control: private, no-transform, max-age=1549445
expires: Sun, 25 Dec 2022 23:54:51 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB

163.171.131.129

201 Created

18 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

HTTP Headers

POST /ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2145
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:5$_ss:0$_st:1670464845199$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 201 Created
Date: Thu, 08 Dec 2022 01:30:46 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=vENhE6SIcGU2WtekV9oSBQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=vENhE6SIcGU2WtekV9oSBQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=E7CDE9EAEACFC861F51394F9526E5F7C~-1~YAAQHWgRYJAaKoqEAQAAi0Nb7wk8QY7BVJcRvfXDnfTkb/qrlesM1tqLuaGAEmj+A8giuGrmxNJ2qeMZmKQFKDTSJkcQd2m5DlD1q9ZyygQKnIYQQ0j8bi8ub3a/VqSye+J7cJl3fB56idwOragjAipWicMTsQF+gAl8HIwz6k9WYvJb4s2vIuUi39BthMdDXYAOfx7/Hzf7I5jQLGrWLOlQJt7DFvPhd36+GfKXJ+LetDzkD6w+rVOFNzaSXPEXNMIXqhYdExRr3GOBCNiRby9VDsg2ZaEQLR6q/SUfeg+SFQuzzPrxAWpUqlt27jLV1gy7KRCXod50j7djbwlvmBEy8+JgEaXbX5WH91Vcjoe28RVk3OGpiy2sEJGUL/DVNA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:46 GMT; Max-Age=31536000; Secure
bm_sz=F4834B5773714BF994C14382DFFEE726~YAAQHWgRYJEaKoqEAQAAi0Nb7xJyhPuJGj0mkFSeg5coA5b+MyO/aNpOXNMkVkAiytLWrqPzpWZFRdAeey+LicVMT2oQExVLw5jIAOHJN73xKZ4AFLUdZ2H4v2dSuGlztDIijxy3/cDKVjbmCmjR159K3xrAPYHpIvh/Q2sf7ABJRz3yBAZfeb2M75yuzCc5WZdHseFaPX0tJPoXrIgHmJ0Jyq+cSH+KaLss7zW4ryRehYH1Y1V7mZ0EJ2dR9MsKKcrru22MZM5/OTslM9v8ALS9nX6EJk3zY+ugyI3FCr3aKZFZyCao~4534852~4338227; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:46 GMT; Max-Age=14400
X-Via: 1.1 bl21:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e46_bl21_26355-5595

connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js

23.36.79.24

200 OK

569 B

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
C source, ASCII text
Size
569 B (569 bytes)
Hash
33fbe3a2d69cddef6e4a946096d516c6
5dc02187efd63f59e7747024016774a9ae4046bf
5afe00e1770197f51923e187f09f529db01f0ad8a3f245b2e9b571446e364fe8

HTTP Headers

GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 30 Nov 2022 23:48:22 GMT
Vary: Accept-Encoding
ETag: W/"6387ebc6-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 569
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=13M0NqHmyqpCeY%2fPvWfm4f9W2e5HLcaw0YiJnBr9NPe6Dywr6PchbDhTR4u41XI6; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10507
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10507
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10507
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10507
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10507
Expires: Thu, 08 Dec 2022 04:25:53 GMT
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive

www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png

104.110.27.78

200 OK

852 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
852 B (852 bytes)
Hash
83d5bb1eeca48fd91b76ba78a6033079
795d21b0703fe9606406267cbb1740251f17949c
b5b73fb58b90213e3e94e8bb2f2821ae968e4a14c736940a2a80673c5039919b

HTTP Headers

GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-1d25"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 852
content-type: image/webp
cache-control: private, no-transform, max-age=1288508
expires: Thu, 22 Dec 2022 23:25:54 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg

104.110.27.78

200 OK

1.1 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 79x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.1 kB (1118 bytes)
Hash
8fc4a7236687f00978c3d3d9c679fa7d
5d7bcfc23ba4a4b58f22f497b214e7b427916b05
c2f04b9277e2158e498ea44ff61a651461ac7bcf0eed712b78fa8e21ae6eabfb

HTTP Headers

GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6286a22a-81c"
last-modified: Thu, 14 Jul 2022 19:31:27 GMT
server: Akamai Image Manager
x-serial: 2010
x-check-cacheable: YES
content-length: 1118
content-type: image/webp
cache-control: private, no-transform, max-age=1618003
expires: Mon, 26 Dec 2022 18:57:29 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png

104.110.27.78

200 OK

712 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
712 B (712 bytes)
Hash
856ba11ad61b561850f726f3f9bd8c6b
b50337dec6ee97d505a21bdcaa15f4a0d2bb2571
7867b0f1e4d21ebd684268360f820149578a15141a9128b57a97843c0fcb3b72

HTTP Headers

GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-1c20"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1440640
expires: Sat, 24 Dec 2022 17:41:26 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:20:15 GMT
age: 47431
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/h.com_card_79x50.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/h.com_card_79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2286 bytes)
Hash
54a0dd5862244507f56e176ecde59056
2d8f7d7e00316c6811ce2552e608260481303898
749d47078866f2ebe0c2b692de339996ede393b570c7f73418ac0ed9a6882539

HTTP Headers

GET /assets/images/rwd/h.com_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-23fc"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 2286
content-type: image/webp
cache-control: private, no-transform, max-age=1222649
expires: Thu, 22 Dec 2022 05:08:15 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9596 bytes)
Hash
c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 11842
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png

104.110.27.78

200 OK

1.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1348 bytes)
Hash
20395535ccb9d64fc541151586d860d7
791003e66d20380a1925d19a9bb3c4cbaf451073
5220e2267bf1d52810fa37112ed26e7d0d6a6f8cfaaa7d36c032b68562030d05

HTTP Headers

GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-1be6"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 961
x-check-cacheable: YES
content-length: 1348
content-type: image/webp
cache-control: private, no-transform, max-age=1385173
expires: Sat, 24 Dec 2022 02:16:59 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5245 bytes)
Hash
43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:24:13 GMT
age: 11193
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png

104.110.27.78

200 OK

9.7 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.7 kB (9652 bytes)
Hash
8b4c65145c9e79c9856c52e2ce603d3b
438a74f7b0422772484641c478e42249dfe67b02
768a1f0d67ab6d887d220ae8500265022bc019d8076b815c8ca7b009556be135

HTTP Headers

GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6328cc17-9829"
last-modified: Tue, 11 Oct 2022 18:46:18 GMT
server: Akamai Image Manager
content-length: 9652
content-type: image/webp
cache-control: private, no-transform, max-age=2304116
expires: Tue, 03 Jan 2023 17:32:42 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg

104.110.27.78

200 OK

29 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
29 kB (29240 bytes)
Hash
1368994cfb46c8ae169c749459365581
49af26a99885e645354f7b26e123655cdeee159b
a5bcbe6002a1fbae84d43160b1f45c3686d5c35e7fda458e9f4b3fd2dacfe3e5

HTTP Headers

GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618017dd-cd21"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 29240
content-type: image/webp
cache-control: private, no-transform, max-age=1397322
expires: Sat, 24 Dec 2022 05:39:28 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/woman_in_office_616x353.jpg

104.110.27.78

200 OK

32 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/woman_in_office_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (31450 bytes)
Hash
7b5816c180aaf51a1142bd41e53a6ed3
f8dfd3ec8e0fb88ecef0a4b07acda06d280741ab
d7651b47c8d449b7311d15e9625df3514e7c0278ff059392189e608b5a9113a1

HTTP Headers

GET /assets/images/rwd/woman_in_office_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618017dd-d06e"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 31450
content-type: image/webp
cache-control: private, no-transform, max-age=1557107
expires: Mon, 26 Dec 2022 02:02:33 GMT
date: Thu, 08 Dec 2022 01:30:46 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8438 bytes)
Hash
f4cbd333b74ebe10e77c1bdf1fec0269
bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8
7c868974824cef2f1a08c4500d10490fbaa8515984391b822c70a5009ad8c225

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 79861560-2468-4c0a-afd8-800d1e6d6814
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4A5EbzIAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d2-0b1efe0b006b8b0b2f69870b;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OInz4Evmbh2Z4PL2ogGsw6iOF9I-u-KhBhAsHHiA46CuHcqHo2Z34A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:07 GMT
age: 11859
etag: "bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9058 bytes)
Hash
f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rKTosJz8cRhO0Bh2MpbFNF5gHtR5wecakD1UZvR2wZUaFRUQC6IW5Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:18:54 GMT
age: 65512
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 6914
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/gb/detector-dom.min.js

23.36.79.26

200 OK

132 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65434)
Size
132 kB (131829 bytes)
Hash
73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7

HTTP Headers

GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4NcuECgaBIqW1z5Piz6oOA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

23.36.79.26

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=XOYmzq%2fe8gMq4onqJ6Q86A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

23.36.79.26

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
14 kB (14304 bytes)
Hash
3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=pwOhLpnwGMdUVs4zL1t8qQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
abfe375096bfad484cdbeca1076184cd
41a864ca85b8798975b0bab4891129ff76f4fd55
6e89ad7525e4268ae0dc2f35741b2b3594f91e3242e576bedf6566d03fd09628

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 665
Cache-Control: max-age=103636
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:46 GMT
Etag: "63902d81-1d7"
Expires: Fri, 09 Dec 2022 06:18:02 GMT
Last-Modified: Wed, 07 Dec 2022 06:06:57 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.dfcfda3cf6ac55a7ceb9.chunk.css

23.36.79.24

200 OK

37 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.dfcfda3cf6ac55a7ceb9.chunk.css
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (37102 bytes)
Hash
1524d2feddb5b31daa9fe7c4fcb562b1
45717724083119d92a3e2e5e7b65724ae0333b84
ddb56ac96f135f1dc6eede90348813730b1a2744bdd3e5f20443dbc6010820a0

HTTP Headers

GET /accounts/static/7M/accounts/public/stylesheets/wfui.dfcfda3cf6ac55a7ceb9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 37102
Last-Modified: Wed, 30 Nov 2022 23:48:22 GMT
Vary: Accept-Encoding
ETag: "6387ebc6-90ee"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=x86Miase4JD7D3SupYKJbA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
abfe375096bfad484cdbeca1076184cd
41a864ca85b8798975b0bab4891129ff76f4fd55
6e89ad7525e4268ae0dc2f35741b2b3594f91e3242e576bedf6566d03fd09628

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 665
Cache-Control: max-age=103636
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:46 GMT
Etag: "63902d81-1d7"
Expires: Fri, 09 Dec 2022 06:18:02 GMT
Last-Modified: Wed, 07 Dec 2022 06:06:57 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
abfe375096bfad484cdbeca1076184cd
41a864ca85b8798975b0bab4891129ff76f4fd55
6e89ad7525e4268ae0dc2f35741b2b3594f91e3242e576bedf6566d03fd09628

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 691
Cache-Control: max-age=103662
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:46 GMT
Etag: "63902d81-1d7"
Expires: Fri, 09 Dec 2022 06:18:28 GMT
Last-Modified: Wed, 07 Dec 2022 06:06:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.2f6490b248e0bc46f824.chunk.css

23.36.79.24

200 OK

23 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.2f6490b248e0bc46f824.chunk.css
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23136 bytes)
Hash
1f394d5e622516de8455a0adad3ec3a4
6ea419e3813723cbe7bb8e2b1a55007c27de2cf5
f5e90651778c28c44a8527a67cf1e6ca98e3f444079e453f4005558e66437e2c

HTTP Headers

GET /accounts/static/7M/accounts/public/stylesheets/main.2f6490b248e0bc46f824.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23136
Last-Modified: Wed, 30 Nov 2022 23:48:22 GMT
Vary: Accept-Encoding
ETag: "6387ebc6-5a60"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=vFr8KEomGR3MoM6TKa8Sbg%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=31666747346733107464597186250520544179&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670463046054

34.247.60.250

200 OK

319 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=31666747346733107464597186250520544179&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670463046054
IP
34.247.60.250:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Size
319 B (319 bytes)
Hash
f5f06b43b0433172682b1b65a1b0234e
eebb40111f8e7df9fb8a6ef60812abe241b2b73c
714a8d3262f1ec4ea66a393d5170a91cde09ef7030b62002ade0f51642026e36

HTTP Headers

GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=31666747346733107464597186250520544179&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670463046054 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=49401630325603214252233408166544592846; Max-Age=15552000; Expires=Tue, 06 Jun 2023 01:30:46 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: z/pOY5wxQlY=
Content-Length: 319
Connection: keep-alive

wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1670463046063

52.212.61.205

200 OK

330 B

URL HTTP/1.1
wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1670463046063
IP
52.212.61.205:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (605), with no line terminators
Size
330 B (330 bytes)
Hash
c683fd943ee872c668c0c3167f6b9f36
950dc43a6772bb59727667284236ef87886d1ca1
9b04c95e315a51ae5c13984cbabd80f0dd3bd573845616b4d51f736058869e4a

HTTP Headers

POST /event?d_dil_ver=9.5&_ts=1670463046063 HTTP/1.1
Host: wellsfargobankna.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 431
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0ebeee8d5.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=31703230871394258014594082158591883680; Max-Age=15552000; Expires=Tue, 06 Jun 2023 01:30:47 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: H8MjTMUCSVw=
Content-Length: 330
Connection: keep-alive

dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=31666747346733107464597186250520544179&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202212071730441914226061%011&ts=1670463046058

34.247.60.250

200 OK

321 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=31666747346733107464597186250520544179&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202212071730441914226061%011&ts=1670463046058
IP
34.247.60.250:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Size
321 B (321 bytes)
Hash
200a105ee2382b59866aa4018c35a533
8db2ff2474c06ab928ba1330abc1aac4a66a0914
a47ac8a98cea3c584671526b58ad8dac36857733a5cc2614e2d65c915f980dfc

HTTP Headers

GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=31666747346733107464597186250520544179&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202212071730441914226061%011&ts=1670463046058 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0078884aa.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=51891216826479614321150443300591704214; Max-Age=15552000; Expires=Tue, 06 Jun 2023 01:30:47 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: OiRdp2WKQmA=
Content-Length: 321
Connection: keep-alive

static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1

23.36.79.26

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=7hm30KRxFwwqacrHplWB1w%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153

23.36.79.26

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=e8uYecv7GDGZd+pI9WmnHA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569

23.36.79.26

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=0bvHQ3mGu9tJHJdSRXaDMA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.85f8fe51d92e1666882c.js

23.36.79.24

200 OK

3.6 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.85f8fe51d92e1666882c.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (7300), with no line terminators
Size
3.6 kB (3646 bytes)
Hash
529a7c0a23255dcba4b28d93223b1baa
d42dccc998c4ef14ccd29ac23dad922646aff36f
efe09028974baf21caabbc06eceea0e8b01d1efd9102f7985743241f6cc8abb2

HTTP Headers

GET /accounts/static/7M/accounts/public/js/runtime.85f8fe51d92e1666882c.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 30 Nov 2022 23:48:22 GMT
Vary: Accept-Encoding
ETag: W/"6387ebc6-1c84"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3646
Date: Thu, 08 Dec 2022 01:30:46 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=tciUtSEEEd%2ffWxY9FyxJ%2fYz9iBMy1fdoR7W02+cTcHhHQX4TFQUm95lYJN7J%2fQIv; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6fdb9b8e1963d5f13d91db22e9294f97
f808d36103005c224eb6f7e4543d30271d2957b0
7ca8f99e7a6c7664a782af94d7b833d3a6374601a8a3a5cd382726d5d7fa3030

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 13:42:55 GMT
Expires: Wed, 14 Dec 2022 13:42:54 GMT
Etag: "f808d36103005c224eb6f7e4543d30271d2957b0"
Cache-Control: max-age=561727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7761bcda5e06fac0-OSL

www--wellsfargo--com--6449329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA

163.171.131.129

200 OK

175 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
175 B (175 bytes)
Hash
11700b1d01285974e0947577b343d3ca
c5896141190fc17412049c4ed0130f18a1bc875f
c05b3bbe3830e0c7fce699f8b312ec9b3cba3e8ebc9e784d3dcf66e8f2c78bd8

HTTP Headers

POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------2810884946629430468766866291
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Content-Length: 167
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:5$_ss:0$_st:1670464845199$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067767%7C6%7CMCAAMB-1671067767%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C2035447008%7CMCOPTOUT-1670470167s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=QysgRwkss+A3ZaIzvMrT5+iJvEIK8aZ8od5JU6KyWSh2OnukwDVryD4DcwU0eexq; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:46 GMT;Httponly; Secure
_abck=F5D2682B6B4F9C69371C947ABEAD36B8~-1~YAAQHWgRYJ8aKoqEAQAAb0Vb7wnPtyg1IO01oKVXF4Mic1qmA9x9h6MiEYXlEQ6EMlCD0T5Ny3S8Ix45vZbI0pmo+J1nSELgGvVPLu6QBe77pwMNnDk4xYeqmA5hJj4afABCXeHKm+x7iPZ4ICJjxcaChAXNY937NTpvaZqCfZPZdf26dX4iR9PCbnGR6Vciqu2mBhUI9X2aXLNUUzUN83CL7glCPACnRq6bkZMcPmQQydK+wZIKxEq9Plr3UqI8tATNrnzC0phnKXFxWPz+9WoavOflSB7ijp+bjOuFsc8QxQIlyCRO7pEgJjxEWA7bMR6/iOHnwEOC/bMcCwj71Nsqp7NKxjYuKDEEiFxMSFaQ5tLmy9DZf4cFPid0UYGtIA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:47 GMT; Max-Age=31536000; Secure
bm_sz=F4D33EE11BC57EE2B8F0CA012BBF8FD4~YAAQHWgRYKAaKoqEAQAAb0Vb7xLl8H+ZHLfkZXf6ibPeHKpqieUjcVs6MdGXl1R5VmrcsbJ97HEl8LDkcENpzjplndGJFXtGJda1spNOevf/2ETtYzKBG2SxZbPX94tNCrheklCyLOa++MlCCciCDL3bujar4PWwhCaYl5X5RKlTwQuGgaa1KjOa5npdbgpQ8Gc5mTDSnLsNwxllvPCWTJGThh+6m1QR0Ew4vRFziJ3fBR9idq3jMcC2ZauSn2vQsLK/WSiTlvcTDOcTyu/1gMh/mQ3/aquFXH4yjkhsUm9jRZQXbz7p~4534852~4338227; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:46 GMT; Max-Age=14399
X-Via: 1.1 bl21:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e46_bl21_26355-5607

connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

23.36.79.24

200 OK

150 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
150 kB (150272 bytes)
Hash
ca049139da2643592cf8fcfc452be38f
cc23e2f4afd9b661508a4618065512bfcc1609d6
99d15ff689dd9c6a7d570c9a50b368a470e5b7cea7ade82f11aa949c0b08cc55

HTTP Headers

GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"638eacf5-172f"
Last-Modified: Tue, 06 Dec 2022 02:46:13 GMT
Vary: Accept-Encoding
X-Cnection: close
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 150272
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A3JDW--EAQAAuZyHXqAfIdltDRrO7iJkFnmR5hihPXVCKhWW9OYf2tvZuHhhAVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|19cd06e3a64572c54c2e15cbabf1f2d936d199fb; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=hprWqcIOZYE5rWOH8ukK3m+HIi1ie6XiPHqYHOupegQoMuGMpYsE7pIqCnkACUlw; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB

163.171.131.129

201 Created

18 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

HTTP Headers

POST /ngflDmct_8__GE5CZEW8/r9V9D8VJ7V/M3MLaQE/XhU/UMB0ABkEB HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ADRUM: isAjax:true
Content-Type: text/plain;charset=UTF-8
Content-Length: 2774
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtwYLFC7SrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22UlhGRUdKdnp4V2c4VlZKeg%3D%3DSHMU7Anm9pgcXFLa2oIQaKBQnD3rIuR5Wp8CGe8ZdUACX26s21J5SZ1qwTrlDp9doNpwtJbIgypwj1zh5R7tUWL-j4x9la9DwqE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 201 Created
Date: Thu, 08 Dec 2022 01:30:47 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=atpBEoRdbXnmVEOIbaibmg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=atpBEoRdbXnmVEOIbaibmg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=CBB3810F49837EC6A43B9B35D15D875A~-1~YAAQHWgRYKEaKoqEAQAAi0Vb7wllIKLS3A+In2Izl4Y3CwbKheDq2YD+9pbArBPtm5vnKZJVlGUAJ9hu7oqshbenWjei4EVSKeD1y0a0K8B2YFDDRNOvbdAnsBDVUnsd3OkFIo6Zzfu1iX1AOr91cfiHhrx/SBuxfuj6wEsHx4BTj7bmiSzu3svIP7T7Yr+h7UU7eVFQgsgedzQ1uDfb3dU/MCD52qfUre6nLi3o/83/IB+mN+m7mTSfFKCKX3W/OXZM5q2zK63beRtIQttmIXVzzCWmxE+3paGJ7UJDablzEWc49cf8XJsUywlG9uEeq+kxuDxwAqizWDjRWQKgsEbQwDV7SOl+6TlsRVRIQGC94TQgsbNa5PPfzREkYb3MVA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:47 GMT; Max-Age=31536000; Secure
bm_sz=F479124BD03013C314D4315FC5D0B346~YAAQHWgRYKIaKoqEAQAAi0Vb7xKehLjrmNyavkgOLMY/nFUhlqt3460RrcjFzl1vTmzSe3+1RC7oeIp7lxAyaetwB33e+cs3nH6FUYLAOQbckcFv07rXXbMbDP3UXKm6i4XVUSqhpS6k5K3fQlBClYOUNw2RoquP2qzAAGeucE2z9dfeIBjhrPZfEnr9jY8BloDS7hg44JBZvCR3xbMYspMNb9I0dIUXyvDBWYBFDzS57JBnXMfwDGcUQzbuk+F5qNFfE62dtCHusvtsculQIxjYMbq/dh5Vnn2osTjhnEwQoogUh3QB~3158084~3487810; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:47 GMT; Max-Age=14400
X-Via: 1.1 bl21:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26464-33606

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.c8097827d58cdc727a2c.chunk.js

23.36.79.24

200 OK

365 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.c8097827d58cdc727a2c.chunk.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (65439)
Size
365 kB (365187 bytes)
Hash
ed1c60d77e0977225a5555b0a384d9ff
290372e91561aa88aa03ce8be359242639a7da12
cce65b35b309102e43c13a7ba6fc172af33b701b55d1dfbaf5c34721366773d0

HTTP Headers

GET /accounts/static/7M/accounts/public/js/vendor.c8097827d58cdc727a2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 365187
Last-Modified: Wed, 30 Nov 2022 23:48:22 GMT
Vary: Accept-Encoding
ETag: "6387ebc6-59283"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=b1ybTTE7v%2fB5dPzQ0Y1wc08A5VknrRzPDx3DZGLgEDcRUpghWuvRGuAoJubj7DA2; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

static.wellsfargo.com/tracking/ga/ga.js

23.36.79.26

200 OK

20 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ga.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (49163)
Size
20 kB (19477 bytes)
Hash
d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b

HTTP Headers

GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=b+q0ocM4bILdqhht+gMRMA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/tracking/ga/ga_conversion_async.js

23.36.79.26

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (35846)
Size
14 kB (13593 bytes)
Hash
42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f

HTTP Headers

GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qDioG6h2P4o%2fPVhA55vMcQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

23.36.79.26

200 OK

16 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (599)
Size
16 kB (15970 bytes)
Hash
18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=dl+ANP5NhhpgbbTBAhgYFw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778%3A1&_cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57&pv=2&f_cls_s=true

23.36.79.9

200 OK

76 B

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778%3A1&_cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57&pv=2&f_cls_s=true
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
74a68a753b952207b0fb91b6868ea01b
85f3b7a1a37d4968be183350e7d92bba3a84df45
6bf71cf370cdc6c97357e38282306adff3406e0b7dfb8679b76c7562f70c5097

HTTP Headers

GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778%3A1&_cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Set-Cookie: _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; Secure; SameSite=None;HttpOnly;Secure
_cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!JYro9KHXx3yQAB0R0YpcGl4FPg9joaDO3hec1M4NQJUUuLYZkXwZUtf0PmDfzk/hS8lBffVHPSWaxA==; path=/; Httponly; Secure
DCID=pB6RQGnLfZ1MQY4lk4ZTrQE3173VLnwXDJHgbwmeEKQWtkqACYd+39IU0aMBvach; Domain=rubicon.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
47ca575e4e17f0d22c64cb660e7a09e7
4dcbee84c5dba4dc2d9e647ff157302b427e869e
5e7f53f02ba783b9bab5cd6670ce0dcd230bd0f9c54fde6c0c1f3ba1523fee63

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4780
Cache-Control: max-age=144853
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:47 GMT
Etag: "6390be71-1d7"
Expires: Fri, 09 Dec 2022 17:45:00 GMT
Last-Modified: Wed, 07 Dec 2022 16:25:21 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
47ca575e4e17f0d22c64cb660e7a09e7
4dcbee84c5dba4dc2d9e647ff157302b427e869e
5e7f53f02ba783b9bab5cd6670ce0dcd230bd0f9c54fde6c0c1f3ba1523fee63

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2863
Cache-Control: max-age=142937
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:47 GMT
Etag: "6390be71-1d7"
Expires: Fri, 09 Dec 2022 17:13:04 GMT
Last-Modified: Wed, 07 Dec 2022 16:25:21 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1d710c2ae0ff0416ce1764fb7693d013
c1c510bda24203ddf2d803c081b623709ba55fa6
775db3bc6b40a9276261cf44642fe22183fda853674d9d16db709e0a7239b408

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=3632680422699;gtm=2od8g0;auiddc=2103577479.1670462787;u1=11202212071730441914226061;u5=n;u8=WWW;u11=PRODUCTION;u19=GA1.2.80669561.1670462787;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F?

142.250.74.38

200 OK

324 B

URL HTTP/2
2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=3632680422699;gtm=2od8g0;auiddc=2103577479.1670462787;u1=11202212071730441914226061;u5=n;u8=WWW;u11=PRODUCTION;u19=GA1.2.80669561.1670462787;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (577), with no line terminators
Size
324 B (324 bytes)
Hash
6ddbb1c6acdee2e7b813f3a74ac4e9fe
c79953bdf956f9e422774471249ce8927aeca638
098e2795cf6b23417ed24d7fe415296df965d09d2ddefb70127658235c3890f3

HTTP Headers

GET /activityi;src=2549153;type=allv40;cat=all_a00;ord=3632680422699;gtm=2od8g0;auiddc=2103577479.1670462787;u1=11202212071730441914226061;u5=n;u8=WWW;u11=PRODUCTION;u19=GA1.2.80669561.1670462787;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F? HTTP/1.1
Host: 2549153.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 01:30:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 324
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 01:45:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.secure.wellsfargo.com/auth/static/prefs/atadun.js

23.36.79.24

200 OK

607 B

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
607 B (607 bytes)
Hash
00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9

HTTP Headers

GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:52:17 GMT
Vary: Accept-Encoding
ETag: W/"638eae61-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Content-Length: 607
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=llEX18KOoHYx7eFMXjrfL9zxwhnCdRugRqtSdayzwgx1K1FufZ+j8J0CMLRMwvmD; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.wellsfargo.com/tracking/ga/ec.js

23.36.79.26

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ec.js
IP
23.36.79.26:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (2771)
Size
1.3 kB (1313 bytes)
Hash
8a1d22ba0de1104dcdc02a582b407ed2
e4d90fd13a73c7379c46b197ded523a5d33c69b9
4a44a1a7efd65360f31e0b1842ad06b7fedc7c0373c69c0077c696cd49cc35de

HTTP Headers

GET /tracking/ga/ec.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=LdBoWiQlBSrA4J0WHx5V4A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

connect.secure.wellsfargo.com/AIDO/glu.js

23.36.79.24

200 OK

37 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/AIDO/glu.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (37010 bytes)
Hash
2fb40a51ecb9415162417ae4a91abbac
2abb44c016fe502931b40206271855e7c2e7275c
7d417ce0faf539c058503eceb4fde92f5f300457815f68edbcb9acb1c754df0d

HTTP Headers

GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37010
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=JE4rMSoV%2fsKl+3AIjNUSODjJeToxgSFhHklhzJRs3FvX6f+9xDcAHvrH0dsKtlmC; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=777040260&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=wCCACUALBAAAAC~&jid=1573625879&gjid=1755831216&cid=80669561.1670462787&tid=UA-107148943-1&_gid=2067691188.1670462787&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202212071730441914226061&cd12=BROWSER&cd22=hp&cd23=4.48.0&gtm=2ou8g0&cd35=80669561.1670462787&z=247283185

142.250.74.110

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=777040260&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=wCCACUALBAAAAC~&jid=1573625879&gjid=1755831216&cid=80669561.1670462787&tid=UA-107148943-1&_gid=2067691188.1670462787&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202212071730441914226061&cd12=BROWSER&cd22=hp&cd23=4.48.0&gtm=2ou8g0&cd35=80669561.1670462787&z=247283185
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j92&aip=1&a=777040260&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=wCCACUALBAAAAC~&jid=1573625879&gjid=1755831216&cid=80669561.1670462787&tid=UA-107148943-1&_gid=2067691188.1670462787&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202212071730441914226061&cd12=BROWSER&cd22=hp&cd23=4.48.0&gtm=2ou8g0&cd35=80669561.1670462787&z=247283185 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
date: Thu, 08 Dec 2022 01:30:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50

54.245.191.186

200 OK

498 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP
54.245.191.186:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
498 B (498 bytes)
Hash
0d083c570fb26138306e261593e73fed
11de08c80852636503cbf04fa9c525e5f88cc257
365133c242999cb875f45323952ca5c252e5a7204ee1012e32c19a7c0f8aed7a

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 01:30:47 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 1
server: envoy
X-Firefox-Spdy: h2

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047113&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047113&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047113&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=uN6jErvSZntgVdiieb3VJmTBTl7IrsypCyiwHSsvNnfAsQOwxblNWw4j45AseP9F; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26355-5652

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047145&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047145&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047145&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=3HfQNrhaAElYBtOfVGBzouGU7ODKZAfuoyBPsvkv6mIOvp3YqBX4f3+UUNyr84E1; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26288-12839

www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions

163.171.131.129

200 OK

967 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Size
967 B (967 bytes)
Hash
a0e4379243fbb3d7ad9ce43ac9de6739
df50653919295f34b48acb6aa693e806eb3bf70a
ddc6d8f1fc1208b11b3d4ff78eb92cdee79d512e9eca76565da0bb66c448eccc

HTTP Headers

POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Content-Type: application/json
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Content-Length: 267
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-49dee49b-63e7-4f08-8b84-dfbfb08ce6b8' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:193; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:2b5fd1ba-0527-4117-bc08-90a2a1eb96ad; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:2b5fd1ba-0527-4117-bc08-90a2a1eb96ad|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:53; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=A6BC81ABF9C3B4483FFD058F9AABF857; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Fri, 08-Dec-2023 01:30:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120221207173047634426199; domain=.wellsfargo.com; path=/; expires=5 Dec 2032 01:30:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!5ksWD8q8WWQTkZClRSgBVljp+3g9ldsD5PdYqereKsCVxpvSCQe9BB0ZycnxTFCqeo/kDQgfyiHNcKw=; path=/; Httponly; Secure
DCID=h5nq2M03toR7pL3qvFUOeECj2iq8uhUZ+aKvYQU4JUg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
_abck=5ABF0BFFB425FDA7A63297F2DFB28308~-1~YAAQJmgRYIl6t8aEAQAACklb7wkWYfjdpHuOKt15j3FSTx+KxAQj/VO4K+PRNZ9KJk5Lu1dr49ibavqbXzlFXDuOoNnKsnb9BBBJ0M8Kk7dL8rfuPmKKFFQ5hp1W7dWkdzNkk3KTRLBWyV1ZgwWBgH0O1bYHVmlobV8qNgAKSsswTJSvbfrfUHPAkmDOjWNaiOLEkXaG0ol4YA7my2I6nWDLMBpmvO71mfpQzYWx+KgisNSUkW2/5CXoa+0mgK4qXl5QIt5RCEFsC/3xbyDVai5JhPCI/gImdpgit21emWhNIx4eSBK/8Bny8Tp4QRk38Ec/bIMV3Nh92CddadxyaWf1nsai+DeyXRdEO0fbIfjRT5LrqMgW9TkV1JKWvTDrVA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:47 GMT; Max-Age=31536000; Secure
bm_sz=884CE745E575AD5AA5A0A81EC44A7A2B~YAAQJmgRYIp6t8aEAQAACklb7xKygnigm+a/0VqCOVwmVhcG4gXHl4IVK6fTNmtlXGXbAdJEXkLt2S2NXIYtIjFCT34JMToAIz5r4IFQz5vjtVcxMIRYZqb6X9fMaDCrUw+uEOST+rTaLrB2Iww9m2PuQZou3PfqKgLOSaTk+ukSEQ8gufw7lH9v5CqKMTCEGo6u/PaYjyOJ+3/97RjBRFCliGaq6z1a///JIJkK6gujpbHpbiq9jff05MAtCpONfcEXf4X14KoEqIZbMzF7FumqZe0PR86Lq4h15iCxr1R7hmicwjp+~3158084~3487810; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:47 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26533-51959

www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions

163.171.131.129

200 OK

970 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Size
970 B (970 bytes)
Hash
8a3d616bfd5c92f234527719eca6913c
4d12fb7b18221795b79b77025282eb3f359f1deb
d4cd07e461936cabd110d8a88b866eaebde77f3e731f07fdd22e6fdc6fc73aca

HTTP Headers

POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Content-Type: application/json
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Content-Length: 266
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-5e3df5aa-5859-4bef-83f0-2020a19c415b' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:193; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1195c48d-5122-4509-aa16-7ac6db40ed94; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1195c48d-5122-4509-aa16-7ac6db40ed94|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:95; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=B9BE27B08CA0B382D3FFC27D1E4B937B; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Fri, 08-Dec-2023 01:30:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120221207173047447675072; domain=.wellsfargo.com; path=/; expires=5 Dec 2032 01:30:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!IWUvY5AThx0TA1YCM1DtwKm8Wrr89zCRdzD+sld6yIplowqwS2KFtN+QKZMYoimiLGm1hrDfBS6nxV8=; path=/; Httponly; Secure
DCID=KOICgvzKTt3xXimD%2fnmh6Ag7rVGtQdycMgelvf57wISnz6jh1JvGull%2fz9LzCSK6; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
_abck=BE926E182785F8C46AFFBB31D5460FC0~-1~YAAQJmgRYIt6t8aEAQAAE0lb7wk7QjsQCCrAKsgzd/c1oFNf5BXdPyaB1FHSncpRwOhXWv0ri4TFmnPEw4b+pE0MOdTOZcr8UpfGyUxnQc6yZJf2m2zS6X+9lMdApw7s/FZQfeKk4wFxG5jgKz0IHlv8s97I/DHZntuJexkuEiWqNz2hJ2iE4gjjH1ktoASQpRmBqLFnnTsw73mnf+ZrJdo4RpXmHjfbqaMU0OAuXoaJT/bi2yIYa0rFky1ydwZSjeKo7PPb7tR3c6yQrLGL1puz9yZ7tYhybkKxn0n3wI7hr+fYQXlhqSnjV/k/WBEVgfjMqpgsUFRKm6qfNJdwVhF3XU7x80GAcw769BDq8QulAX/Kdlx340sCGMjCW6Sg5Q==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:47 GMT; Max-Age=31536000; Secure
bm_sz=3164FCB51145A6354F32B30E7C8660D6~YAAQJmgRYIx6t8aEAQAAFElb7xIyGAwnqNHRn12NMwU64Qhvk3h9QwDlJaZIyEOhajtGIVFeLMq5wZC9dzype5UXHYg/Ltwc3OgtdeuvYs+cPOxCEfChgCYxdQ3CVEwcM197+1oTgIqzzkCPhgADeR60lDQ6AiLc20qTrdR06SD2f8b7EnkwE4/nvp+cqItACOWTxowqhFwytRLwikXa8Fv9jESD2sX+I+PAz9yzAT2E4wU1x+Sd9kgV7yWFIoAAYBATEIyvnbapiuJhmgKiB3NT3K9lbuqXwsURTXdRw/pDHK3GYbI4~3158084~3487810; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:47 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26325-2901

www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions

163.171.131.129

200 OK

971 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with very long lines (2441), with no line terminators
Size
971 B (971 bytes)
Hash
2b410f2cbcdaeec8868cca9ecee9d712
7b2caed3cd158ce467cb7eed9689b20be673450b
62bb825966a8f999a4a40dae695cbf8259ad57247ab5fe78c318578c63c4de49

HTTP Headers

POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Content-Type: application/json
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Content-Length: 268
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 971
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-53609b27-a5bd-4e09-a857-f76ceb048419' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:193; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:ed0cc1f3-7358-4408-b60b-f0dcfa42fe6c; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:ed0cc1f3-7358-4408-b60b-f0dcfa42fe6c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:95; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=F5FD6B867CA7B657E294C1480CED60EE; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Fri, 08-Dec-2023 01:30:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120221207173047148829561; domain=.wellsfargo.com; path=/; expires=5 Dec 2032 01:30:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!83INopPVV/pNmA0CM1DtwKm8Wrr895IGGU/1wGrg+/u8pK/f90FfKDnaBMGDlO4RZnAkqzBR3iUVGyw=; path=/; Httponly; Secure
DCID=tALUhb6fTpSvdNgsllPX10f0H4oavlNEyEjo2RKZ7oqud3qXmScX9JT6x5NQqwg%2f; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
_abck=A219BC98607ED548171289A63E97ECA9~-1~YAAQHWgRYLwaKoqEAQAANklb7wmbUfQ4nQBVhbkJ5qDu2Wa2jwPoe1g2G0AlG7UZClpPb1ASLWv6DY2p3Gx4pDaRW/SL85xfoSGkiMphjzsSTxWrm2BNF0IQf05hhbjEv/89IW6UxoTyErSPFZbZDsyjsZp80E5Qdfx+Bdx2HQb/W7IZJ5JHgMtXdPF9rZf3+88mnQCyWWB9H59SVOME8++/IOTCVkqbPPp3pqlVZj4k+VrrVPkDupdAP69XRYKFhrYwAcK2RBbCwnedjdXpxfVfZbEfrSKRxobxz5gcST7BghwIqkp/W13xCTAB6OmMP+/DrsygW0jvah81ufe3xgRErsgqUQFrzsk7TfdYy91C1AULm+XoWeeK/4O6QG8oDw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:47 GMT; Max-Age=31536000; Secure
bm_sz=441F9B8DC6EA4412A6FF98820290C09A~YAAQHWgRYL0aKoqEAQAANklb7xICzd7PLfgINGj+xjrJL8Esvc9hZqpuPVKlpFUvJnhW5SoS/nNImsXoTFrUxSkj93IC7mvgqaHNM5prC6mKEMElJ/s75rcZRBbyUuIEcjS6ffYc94sUo4ICcUOd28lls3wqh3HQRnaPZophu73Q5YivKZPS4M58XZ95MsUjjw/YbD/LZxjR0PR+4hzQ3CeB1rt+duu6hxaeSGO7pihaGVVcO1/2QCIhWGS5Xv8SmOMHv5TfjZ6+bgtgWzEnqZBm4khTd1fHZD1VQr0sLdZwV5yG28zT~3158084~3487810; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:47 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26464-33641

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047150&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047150&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047150&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=5qIiwV0GNTuYwwuIlfjPeRqiLY1JpxNISIUYCfegXGWEpCy32Bw7CT8QVw3+aagd; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26355-5665

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c221e4deeb8144b7fc354cce5dc563f8
578e9395e2800e2e19bde2a1d49d9501f6aa3364
258bf83c23b05e8bc9b987e849a194b9f81742ee4268f6453a1e88bfaca959f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51

54.245.191.186

200 OK

116 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP
54.245.191.186:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
116 B (116 bytes)
Hash
d8d10463efbe89ff0a4b847c2b13d8a0
d1babe018c316e33ab2db33e333db2a3a0cd5de0
6d779f57501a58ed080d75da54ddf0a81d5eed34ba4e83aab7eb90729f5927a1

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 01:30:47 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=3632680422699;gtm=2od8g0;auiddc=2103577479.1670462787;u1=11202212071730441914226061;u5=n;u8=WWW;u11=PRODUCTION;u19=GA1.2.80669561.1670462787;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F

142.250.74.130

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=3632680422699;gtm=2od8g0;auiddc=2103577479.1670462787;u1=11202212071730441914226061;u5=n;u8=WWW;u11=PRODUCTION;u19=GA1.2.80669561.1670462787;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=3632680422699;gtm=2od8g0;auiddc=2103577479.1670462787;u1=11202212071730441914226061;u5=n;u8=WWW;u11=PRODUCTION;u19=GA1.2.80669561.1670462787;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 01:30:48 GMT
expires: Thu, 08 Dec 2022 01:30:48 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5817860576754121

23.36.79.24

200 OK

42 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5817860576754121
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42438 bytes)
Hash
7ace26dd666fa0d07860b994e680809c
126ef48fb47a697006e5374f14257429cde5ebcb
60100d2301d4daaf66ed000056fa7d1157503c610362447d1a290c4349d835d3

HTTP Headers

GET /PIDO/pic.js?r=0.5817860576754121 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 42438
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 01:30:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=oOJomPLI+HDu6AAPAJBvW2TND6t6PMw3zhFPRS82FQBxw1fLsKPWhDzFzIbGTXnb; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.8f9cf4ffa67837217dd4.chunk.js

23.36.79.24

200 OK

301 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.8f9cf4ffa67837217dd4.chunk.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
data
Size
301 kB (301326 bytes)
Hash
86cb753a1712cc09c1dac67173248eec
b9f80ef6adb065bbb4b4a255eb644212172a4178
f1f7fd72e4328957bfe6a018be5a126010d8383733c4639205cc470022e58f30

HTTP Headers

GET /accounts/static/7M/accounts/public/js/wfui.8f9cf4ffa67837217dd4.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 310941
Last-Modified: Wed, 30 Nov 2022 23:48:22 GMT
Vary: Accept-Encoding
ETag: "6387ebc6-4be9d"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=H4pPnzzC+Yh%2flfUs4OYkSdV%2fB5ipPMQwMLZkW38NggEmCxeCIjYSpPMmhjOs2ywF; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

connect.secure.wellsfargo.com/jenny/nd

23.36.79.24

200 OK

17 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/jenny/nd
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (2285)
Size
17 kB (17012 bytes)
Hash
862309933e03f65952380d18f0e816ff
a1253923cdfaf5377d10fceaa9af7e60ba9d7b76
82254d79571805a998ae22b2bebe0487ff1764083c5e590ef519281da04dcdf9

HTTP Headers

GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17012
Date: Thu, 08 Dec 2022 01:30:48 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:425986af-2678-4357-933e-e75d8de8b42a; Expires=Thu, 08-Dec-2022 01:31:18 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:425986af-2678-4357-933e-e75d8de8b42a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 08-Dec-2022 01:31:18 GMT; Path=/; Secure
SameSite=None; Expires=Thu, 08-Dec-2022 01:31:18 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Thu, 08-Dec-2022 01:31:18 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Thu, 08-Dec-2022 01:31:18 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=hhIqCXtlRuuLiYAb2Fv+gBJuJ+o5F1h8ji4qk2UoGnVGKYAhXxY0v5ppT4dYdU4Q; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
_abck=0681A5541BFF8CC2294AF88B02CFB192~-1~YAAQFE8kF2jGEYeEAQAAvElb7wm2ERPgxiGVc3izV3CCdU/wG+GMbRrRbiQp8TOU6fM1Y2Rw+KCFiQ4UQ3xJMkvojTl0o9NO2pO33MGfzFqO929Guguaxen51tXadtPEFNC5zk0YeN+Fh9G7bZooqck3hxq5wdyfFvhTEwNHUFndiRPrTiDmBT8Ho9QAuowg+TZlzqVeOoFs0+ISCcMQktyhcBzYL7zHQwyq/F+nmHMjex/fsr2GPe5ZNMvp+R4XvMNKgUwmwF6J0oWR9TJhPNIzMpBuTE60D1axJA+JZR42wgj/H9xOrkoU0DCRvlj73paH+hHMAzys227bD1cs9Wv6HkKYZWIjgZVy76Vzz4LBjGaRWdFQqtWBiW//oq+skw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:48 GMT; Max-Age=31536000; Secure
bm_sz=3F4CF57FE7B0FA07044D3FB2DE61FF2B~YAAQFE8kF2nGEYeEAQAAvElb7xICJzud9ykE5NfXGnOuceiDGClIqkbhXwvi8XRNw9GGlp50rVrqImqi/rd9OTqXNVktcefImM60//21pP7j6R5k+hYas2nb9nN2yqIkAtx94aBZhxpxq7ATY4FgMb4f1+VRSMxPFKs330q2IrBvghDvW5KB+Pl9gKeenCf9kchOFIEKA0tWPVgUTH0EEeVVgWBwkXTIwP+K3sdMJ1QRh8Lv8uxErvzjMDOAIwuxhYemAVzDtAoVlJdI0EEsEwRE/ALLqF45E959+ZftrqVsdZjKpXCD~3420983~3354948; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:47 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions

163.171.131.129

200 OK

968 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with very long lines (2437), with no line terminators
Size
968 B (968 bytes)
Hash
9687b234b14e5638b0a6130cbe1890cb
8a67aff0ab5ba1b4417e391b100cb4aaa5135b3d
cf45a9be509716e5e18eff4edd50448fc3ea5542fdf9abc923233e57b2719afe

HTTP Headers

POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Content-Type: application/json
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Content-Length: 262
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-583e70fd-0573-4caf-ab9d-334f81fdb2d1' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com https://www.knotch-cdn.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:193; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:bf17b35e-d027-43c1-8d6b-53d99e0f47ad; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:bf17b35e-d027-43c1-8d6b-53d99e0f47ad|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:95; Expires=Thu, 08-Dec-2022 01:31:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=20030D9B2C8FFB286540E091D9756E3E; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Fri, 08-Dec-2023 01:30:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202212071730471389212702; domain=.wellsfargo.com; path=/; expires=5 Dec 2032 01:30:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!EiYq2k1DSX3tySgCM1DtwKm8Wrr894kQ7J7zigOvq+rlmAKwbK/0Vu/iPOLo5qD6Ec6lCEZpfIwdiSQ=; path=/; Httponly; Secure
DCID=9HWjNJUYH76XKqpkjfQlYDmtWdNgHApBjtBEnRn21T806F+sZRZr163UNDS8y9Fn; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:47 GMT;Httponly; Secure
_abck=8AEA42C98DD2D3925AA64BA599D2EC9B~-1~YAAQHWgRYMQaKoqEAQAAvElb7wkVDtqc514AFBai5tJPVZgmgN2aYYeizdfKStgDFcOI24kgD0FetXViLsK+0GTVZ5CNNkYti63BLH/SFzBFC23DckrESSV2hlMLwBSYl4ZhrAqoJXEX8Ib3CPXXhgn3CYkodu5PsFYjZdP47H11GFKWv7VVNNCO3LlwGzTzLfXCfIDBIEwtj1bpWvXrzG2S0pF4yV2FJTsILwYGSrmLgbQT8Fg7rLLH83dVIRD4WiTHEEt9aqQJ9fKyVSsOn8lUOE3VagD6t4fcQKO54+Rd0R7antZ8kqtdIu26Dr+hWAJJK46kGnY9XJFjRR34tpdfMCyoK43LYd3LdME/B3epw3Y1ppQb/4k0SuDXhehE3Q==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:48 GMT; Max-Age=31536000; Secure
bm_sz=BF2F625AE59E40AC89D65129E63C3C55~YAAQHWgRYMUaKoqEAQAAvElb7xI4x4x59WJt5LcvQVxNyEfa4v80yPwgyN+xlGzJRxPdwGfW3fe/sNCyeT/YchcQurHJ+d2nci7/LzwJZxUyOVpFXKZsHZShvAxa6Q1AmFJ/0B6Y7F4XYwsRBTO7hpq5W7BIqP7TSr8+jWSEPprXmfIgFMFMXBikiPZLn0Nj6rRqM3U48bCH0wjBmzTXOpe7peaPGbB6ohvAKNdCAbbn89PSBiA87vWvDuJbndSOVk5j7FkCVM8OmzYzAbWTT6m9uuprg7PvSg0HG9j5v8c+1oZO8VsK~3158084~3487810; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:47 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 bl21:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_27669-48671

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047154&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047154&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047154&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=uD+QzmUxvmjFHN3QX+xgPmeBBglSmu752OHXb1wBWFdyxrjf3lefnAezMiMH7V6i; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26288-12852

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.c4eb3419682ffa818284.chunk.js

23.36.79.24

200 OK

285 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.c4eb3419682ffa818284.chunk.js
IP
23.36.79.24:0
ASN
#20940 Akamai International B.V.

File type
data
Size
285 kB (285356 bytes)
Hash
5dee5fff6e3c1aa680e9bc1a4b833a1f
b16311b85b7bf5e079b2106e801ce156f6e54029
b6b254317af9aa9e814104417e67dae1a2a08d8ede216bbc4edf7c36ea195e98

HTTP Headers

GET /accounts/static/7M/accounts/public/js/main.c4eb3419682ffa818284.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 299256
Last-Modified: Wed, 30 Nov 2022 23:48:22 GMT
Vary: Accept-Encoding
ETag: "6387ebc6-490f8"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Thu, 08 Dec 2022 01:30:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=sovxSGEOwzT2YWZepFW83BDEw3YFYNfdFDZt+gh7LBq+mpHwb7QEx%2flPXndqeknI; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047164&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1reflectcardtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-250163-16%7Etcm%3A91-223657-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047164&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1reflectcardtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-250163-16%7Etcm%3A91-223657-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047164&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1reflectcardtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-250163-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ltlq+T4lzxbqs9mhL0dHuMJMClwqWHgZbwaqYPy+zIKnsDo5XySj7t42sls7Cd7J; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e47_bl21_26325-2922

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047170&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228971-16%7Etcm%3A91-228643-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047170&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228971-16%7Etcm%3A91-228643-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047170&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228971-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=dHXlVq7C4+iOzK0KU%2fSDnoWj36bz1ayfN2aBqTvOuhJl23Pt8vNUs1XKylCmtAG4; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_26464-33658

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047176&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_everydaycheckingrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228971-16%7Etcm%3A91-228643-32&promoSlot=1

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047176&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_everydaycheckingrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228971-16%7Etcm%3A91-228643-32&promoSlot=1
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047176&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_everydaycheckingrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228971-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=qyCA19hO7uXt7q4+Xlj2V3niato7UnNkMIO09tfrkbXKBkcEN0Q4+vmDxUPQVqJs; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_26355-5673

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047180&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242226-16%7Etcm%3A91-228643-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047180&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242226-16%7Etcm%3A91-228643-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047180&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242226-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ocIg6d+cpoaYM2ND%2fNLBO5vjh8wI4blzjL96e%2fJZcnDFvsW%2fJtJZLtrFV9GJuNkm; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_27669-48690

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047184&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_mtg_prequalificationbrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242226-16%7Etcm%3A91-228643-32&promoSlot=2

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047184&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_mtg_prequalificationbrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242226-16%7Etcm%3A91-228643-32&promoSlot=2
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047184&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_mtg_prequalificationbrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242226-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=krNxcHozf0Jwp33ZhAjhfzQ+V94TTYnO%2fbo+oKQRLKLAT2BFSVRv+Aa+OpHlFl5i; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_26288-12864

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047188&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047188&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047188&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=0v5un2Hknq1npqhhkw6jfJ8r1hKLrOnwD%2fjHwIsVUhXMK1BmlQryY37jj65xbu+e; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_26533-51989

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047195&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047195&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047195&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=OvZsBkLwYRJuxjoPbZq+Dk7qpGcthyfHVOKDlTuQnX93iM6KM+874KuS2SJ5B5Qz; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_26325-2929

www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047201&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047201&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&cb=1670463047201&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; ADRUM_BTa=R:27|g:cb5d8b86-2421-4612-b50b-8c244fddd3b1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:193; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Wed, 07 Dec 2022 01:30:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Jgbf9aYAL%2feiZou%2fMtIP7MFI28dUj7uLwctBxs8OrWIX4hIYRloUerTxDrwOBqZG; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_26464-33667

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1261
Cache-Control: max-age=94122
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:48 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 03:39:30 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1670463047087&cv=9&fst=1670463047087&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1

142.250.74.162

302 Found

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1670463047087&cv=9&fst=1670463047087&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/984436569/?random=1670463047087&cv=9&fst=1670463047087&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 01:30:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/984436569/?random=1670463047087&cv=9&fst=1670461200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--6449329d48d6c.wsipv6.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=2587140919&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 01:45:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=80669561.1670462787&jid=1573625879&_u=wCCACUAKBAAAAC~&z=81234845

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=80669561.1670462787&jid=1573625879&_u=wCCACUAKBAAAAC~&z=81234845
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=80669561.1670462787&jid=1573625879&_u=wCCACUAKBAAAAC~&z=81234845 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 01:30:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 08 Dec 2022 01:30:48 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 329
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 01:30:48 GMT
Last-Modified: Thu, 08 Dec 2022 01:25:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

www--wellsfargo--com--6449329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip

163.171.131.129

200 OK

164 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
164 B (164 bytes)
Hash
14ddf5c0a0dc6cd8ec00d651b12c4eef
412258bc803416aa4d6702f43d7fd974e3c7113a
a6e64136624c3fff72dd6f26fcf8fb54b19f0ccf276c6946cfaa7b0ff2098d97

HTTP Headers

POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2042
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoieGtSYWVRUVwvUTgwZFlsQmJrTlEzOEE9PSIsImUiOiJtejRacjREbGdNT1ZcL3lIYndKZkM2MmNPQ0pPOU40VFB2KzZTT1B0aFAyN1htcDRmUXBPeG5oODlSSUZMZWhOZmVaUzEwNDJqQjNHWTBYbEdrbDZmQWRiK08xTWhkXC9XSTF2MGNGemhaUmxicGJLOXZxcGp6TFwvclA3WnNnWmwzUjZIK2t6dnVuVDNteFF6UnFEY2E2N2c9PSJ9.086d7d9580b22b5d.ZDkyZDNjZjIzZGExZmJjZTM5Mzc1YzhhZTQ3MDZkOTI1NDE1NmRjOWUxMjVjN2EzNTgzMjc1ZDFjZWIwZjlhYw%3D%3D; ISD_WCM_COOKIE=!EiYq2k1DSX3tySgCM1DtwKm8Wrr894kQ7J7zigOvq+rlmAKwbK/0Vu/iPOLo5qD6Ec6lCEZpfIwdiSQ=; ADRUM_BTa=R:27|g:bf17b35e-d027-43c1-8d6b-53d99e0f47ad|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:95
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 164
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
x-envoy-upstream-service-time: 31
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=dFC6tdyzSNX6oMdOv1zVGzVrrIEasuTaluRu5k183v31xtnNqg07DgTotXhAIY7Z; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:49 GMT;Httponly; Secure
_abck=E40291D0C1A4B35887591AC9663FBB72~-1~YAAQHWgRYOIaKoqEAQAAek5b7wloGBBGq/olqoepApHaY25QzsJkt+8GhvwJrKZtd+czTQkkWcz3WE0JOHkzrn5eNoGSo0f+Vll/WsaIxNFp8ZMFC7CL2Cpqg0jUIMuTIk3veWbxE5d1pS5isr6DSDw5UPvp3Jv8/8fzzuArC/4tzht1u8LhxdvyEeyRYMf/v3fF4XomdRSiZW6Sp5LQzy7HkMqyTUQ0XGcNCnzssrrEKdQdm28Pg8Clzf8JiK0OtcepID4VJrTKMb1bO4XgYt7Of0rLvIHBQFOkJaW2cPss6MfjOqFhAfg+OeZ8snYewzkqevuYMDs+cE1WDQxp76LNE8keQlA98EVkoX3M9jFmi28MC0HAtMSyX4A4Mh2Uvg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:49 GMT; Max-Age=31536000; Secure
bm_sz=CFDD1E0676D1358ED4111CAF8EFD06D0~YAAQHWgRYOMaKoqEAQAAek5b7xKoEV6cG87m3S108Aq0cSS2MTcpsY6o3icDZqgk4tSlPwPv2skJklRSuv7vn19yZpZLOlZj+hCDuC7/yv11a51+5Gpi99ntGlwvf6d2T4HlNplZjwjYAyWbifCK9dWyYtdTe5UbZ8thMu95zkdQkSnlgoX+S6rbF58CLeDqHoLFWm2ZO4aXKKnQGQAZRoyF0+y1AboQpLNhLB660cV1HiPzW58o+tYoaifEzxnR61PmK2f3JLdDYntWXp5JfOQBXVlSdnnPLZEsl1Q6wlcllsJ7Mips~3682373~3553584; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:48 GMT; Max-Age=14399
X-Via: 1.1 bl22:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e48_bl21_26355-5705

www--wellsfargo--com--6449329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load

163.171.131.129

200 OK

265 B

URL HTTP/1.1
www--wellsfargo--com--6449329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
265 B (265 bytes)
Hash
ef076741df98962fb9260a5126aea174
945ccb97ff97e150d9646a646d951be25c1f8d1b
b4e0b704a1d360bffa4b017a732c778acfaf870d4f69af47ed15a02cbdf89c56

HTTP Headers

POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--6449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Content-Length: 1424
Connection: keep-alive
Cookie: utag_main=v_id:0184ef5747840021e2d56dcfb3be00050003700900918$_sn:1$_se:6$_ss:0$_st:1670464846343$ses_id:1670462785413%3Bexp-session$_pn:3%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTULZ7I4tFzJ8CmqoQrnvMYmEdqiyBGO9id%2B1h%2BBg6Y%3D%22%2C%22_s%22%3A%22RhtxYbJvwyrPaAf8owVCmH7%2BF%2BOk6x2j0H8C%2BQuCrYsZ%22%2C%22c%22%3A%22SzVpUWR4allSWEI4anFkYw%3D%3DiABxXU3L5scQuGd02wDOpRb5stW4ULLWG-XGNHGOTdQf4Wv3UqDYQnid18g-qKhN3AmTkA5HuW_tdTeu6Zx0wa0QbqBixj5g20A%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A10000%2C%22fr%22%3A%22Ub6blw8YAmM61LouFHuN9A%3D%3DWiS016fQ6a0rI0LI9yysvjhcMnFcCQboEAvRGNntIbjjBSAddqjgMMmyYOI38NVzWb9dOv6OKaiFamyP4ZL64EeeaJq9SroL6dCkbGw01rIa2e_CeXomx_0OUzS41gkgznHiqteoEE03Zx-9U4dJAPLKdwZV_Ye3YUM6zb2mMEf4jAFPruFPAI_B%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRCPCa6Beq0noE%2FkE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C31666747346733107464597186250520544179%7CMCAAMLH-1671067846%7C6%7CMCAAMB-1671067846%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1411951384%7CMCOPTOUT-1670470246s%7CNONE%7CvVersion%7C5.2.0; _cls_v=67ca07d1-6314-4a6e-b5f1-f93b9a0d3e57; _gcl_au=1.1.2103577479.1670462787; _ga=GA1.2.80669561.1670462787; _gid=GA1.2.2067691188.1670462787; ndsid=ndsanzk5big1toklbeeewo0; _imp_di_pc_=AUQ9kWMAAAAAMZbsNf243DRLt%2BeBDWQU; SameSite=None; ISD_WWWAF_COOKIE=!fgCuaH5YJ5Fq8qEpXMFYjsa6oia5iRXNUYvXuKvJOYFHpbLJHSPKvkXi1OL+P6yyx11cQ1NCnP8X9So=; _cls_s=bb5f71b9-e30f-473e-b7b6-0a0ffe2d6778:1; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoieGtSYWVRUVwvUTgwZFlsQmJrTlEzOEE9PSIsImUiOiJtejRacjREbGdNT1ZcL3lIYndKZkM2MmNPQ0pPOU40VFB2KzZTT1B0aFAyN1htcDRmUXBPeG5oODlSSUZMZWhOZmVaUzEwNDJqQjNHWTBYbEdrbDZmQWRiK08xTWhkXC9XSTF2MGNGemhaUmxicGJLOXZxcGp6TFwvclA3WnNnWmwzUjZIK2t6dnVuVDNteFF6UnFEY2E2N2c9PSJ9.086d7d9580b22b5d.ZDkyZDNjZjIzZGExZmJjZTM5Mzc1YzhhZTQ3MDZkOTI1NDE1NmRjOWUxMjVjN2EzNTgzMjc1ZDFjZWIwZjlhYw%3D%3D; ISD_WCM_COOKIE=!EiYq2k1DSX3tySgCM1DtwKm8Wrr894kQ7J7zigOvq+rlmAKwbK/0Vu/iPOLo5qD6Ec6lCEZpfIwdiSQ=; ADRUM_BTa=R:27|g:bf17b35e-d027-43c1-8d6b-53d99e0f47ad|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:95
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 01:30:50 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=luBWLZT7aKDlaspDQBF5FWSQzBmeAmw1zBd+dJuAPBIgAnR9hPXcQgB932YvxTBg; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 01:45:49 GMT;Httponly; Secure
_abck=E20356E7E43F8329F59B0490A02AEB42~-1~YAAQHWgRYAAbKoqEAQAAJVNb7wluRKqNbB7/8kVb6O5xXAZWs+nwjiIRL29nFtISpmTk4kBsu1eHrc7sQuYiprCg8zr439VhokAbagfxQuDATP3plG1nTDG9+zhw4G4A8a7aARdqG1H85A0wVb01lQfvPRC9jfgY5E4vZFBE/5ESzSDLDoYnaUigkIfIVZMangmxJKEAkRPgSX1xEku1uLtfcu/yFALSHKtDNk4crnM1KVUMMLzwziK3enrA4nsUxdk/E0478B/uiqSVXpu/ysV/VehIqxyUghsivVUxw85ZgJsFQtjNo5xVZQQ/H0ez8ZPCrYD7WTPbGmQaVsNudBKxlAsF0F+47zsp/t+O+nXHcveJb7SwHNZtM5H7UiaXkg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Fri, 08 Dec 2023 01:30:50 GMT; Max-Age=31536000; Secure
bm_sz=D9EEB3541A4D75D57ED80E30CDB96C84~YAAQHWgRYAEbKoqEAQAAJVNb7xJ1LvDdsJvNaQ1sR8xY9faGHVZeEbz0SJhaP3xLDxfgtWl7xo3ZyZBUPY/lI4posojxRdgwGcvzn7O54tpNGSl7YOjTuD2dp65+vFJrdwBMNojn8phTSc6Qni4Vaz+71d7Ah4j0JPu6xZWymW76GqJg4WCDA15SzyL9Hx4Cp1akgh1oyBuIpJ6SdUjW/zVA67OB77ZMeSfsF+3xNuzU/HV6Y9dBjU11k3WUKnfwemgSp4gxp54jTLs3NbtWAnlWdn/tm3gG/swTzuG48x3RN+tM7mxN~4536626~3753266; Domain=.wellsfargo.com; Path=/; Expires=Thu, 08 Dec 2022 05:30:49 GMT; Max-Age=14399
X-Via: 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63913e49_bl21_26355-5756

pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

54.245.191.186

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
54.245.191.186:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12594
Origin: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--6449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 01:30:48 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:6c903a3e-3064-428a-b052-174e1e787470;Path=/;Expires=Thu, 08-Dec-2022 01:31:18 GMT;Max-Age=30
ADRUM_BTa=R:55|g:6c903a3e-3064-428a-b052-174e1e787470|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Thu, 08-Dec-2022 01:31:18 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Thu, 08-Dec-2022 01:31:18 GMT;Max-Age=30;Secure
ADRUM_BT1=R:55|i:559461;Path=/;Expires=Thu, 08-Dec-2022 01:31:18 GMT;Max-Age=30
ADRUM_BT1=R:55|i:559461|e:9;Path=/;Expires=Thu, 08-Dec-2022 01:31:18 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP