Report - www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/

Report Overview

Submitted URL
www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
IP
163.171.131.129
ASN
#54994 QUANTILNETWORKS
Submitted
2022-09-03 11:29:26
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	6.6 kB	93.184.220.29
dpm.demdex.net	204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.3 kB	34.247.235.92
wellsfargobankna.demdex.net	10546	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	550 B	1.2 kB	54.77.35.16
rubicon.wellsfargo.com	11786	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.79.18
2549153.fls.doubleclick.net	30024	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	741 B	1.4 kB	142.250.74.70
media-wellsfargo.nod-glb.nuance.com	28807	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	62 kB	8.39.193.5
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
static.wellsfargo.com	12306	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.5 kB	462 kB	159.45.66.178
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	1.1 kB	142.250.74.162
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	873 B	1.4 kB	216.58.211.2
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	531 B	694 B	142.250.74.3
pdx-col.eum-appdynamics.com	4816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.9 kB	52.38.103.162
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.88.220.109
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
connect.secure.wellsfargo.com	11812	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	761 kB	159.45.66.156
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68
tag-wellsfargo.nod-glb.nuance.com	25312	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	9.4 kB	8.39.193.5
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
ocsp.dcocsp.cn	33518	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	952 B	47.246.44.230
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.0 kB	142.250.74.164
www17.wellsfargomedia.com	76964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	500 kB	104.110.27.78
api.rlcdn.com	791	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	453 B	192 B	34.120.133.55
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
www--wellsfargo--com--t449329d48d6c.wsipv6.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	142 kB	163.171.131.129
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	666 B	142.250.74.174
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	706 B	1.2 kB	142.250.74.34

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-02	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company
2022-08-26	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/	Wells Fargo & Company

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-03	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	Phishing
2022-09-03	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js	Phishing
2022-09-03	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js	Phishing
2022-09-03	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/target/offers/conversations	Phishing
2022-09-03	medium	www--wellsfargo--com--t449329d48d6c.wsipv6.com/as/jsLog	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	306 B	2023-03-07	2023-04-05
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-04-05 02:01:42 Times Seen260 Hash bf7d1aee3b865a6842835bce8c0a0685 c5213d92fbf617eec79bcade5d93355daf5f199f a14e4c94d8fddca88038c337df0f10bc9bc25460c913bdb20c064ac48ca545a8 Loading...

	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	389 B	2023-03-07	2023-03-07
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:52 Last Seen2023-03-07 12:24:52 Times Seen1 Hash 79868874f9c37cfa33010aed9a221259 b417bd91de96a4f95bd2aa54b38eb2fc6b25d5f9 5cc424072114c21ad26e99aec8c2c9b59f9d5093b87e3b56a29e83d5936309f0 Loading...

	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	126 B	2023-03-07	2024-03-28
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-03-28 17:41:49 Times Seen2471 Hash f1b0375ca8995f583d4f31df97c9e172 d901e5604947f5b57d3bda7a78e92cdcef0439ec a6117a82be9fcdf7e808ce5f2a8b37a4b0dc1dd7052feb6088fc72f32503343d Loading...

	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	695 B	2023-03-07	2023-03-26
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-03-26 13:09:33 Times Seen18 Hash 899837b2f1e8a81797ae37ad361488d3 0f4abcaeceb40790ea9341b6f43328a983e8428f ab4f57987919925eaadb2fa2eb5e82798300b1b7aaab2066b875f8cded107873 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js	48 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4875 Hash aeccb854b0a76aa9f478e466c8011b29 625d31cbeb8978cf2419f58d14bba92a42dbb45c 7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6 Loading...

	connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.3047119850260789	83 kB	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.3047119850260789 IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:52 Last Seen2023-03-07 12:24:52 Times Seen1 Hash 859ffe29706400d752cd0025432f4a7f 9ba292dd9c11f88209400e7ada0d1ffff31c8d11 eba7847acc2af6799a9e895c94ef4199614d30197893851d79b119a85fe25f43 Loading...

	tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk	5.1 kB	2023-03-07	2023-03-17
Pretty URL tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:48 Last Seen2023-03-17 10:42:47 Times Seen1 Hash 00569ccfb6d4b0a76bb9309994c1f054 1ec96e17cf8bf1067dbb9cf840c51d990570283f 727f1f383ad12e60b5128b0096de5b809778c2691ea79ca91b6772155c68d51b Loading...

	static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	32 kB	2023-03-07	2023-11-04
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-11-04 00:29:39 Times Seen29 Hash 162100f507af8b50f1406bf3fc405ce5 cf0a2bf9b914710962e0dd7899b93ba5ceb5134d e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279 Loading...

	static.wellsfargo.com/tracking/ga/ec.js	2.8 kB	2023-03-07	2024-03-28
Pretty URL static.wellsfargo.com/tracking/ga/ec.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-03-28 17:41:50 Times Seen4661 Hash 0ae62a83927125e9b9dfa97f89af9d3f efb68f49f2b9b6b5567bf26a17015ede289e429d 618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089 Loading...

	static.wellsfargo.com/tracking/ga/ga_conversion_async.js	36 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/ga/ga_conversion_async.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4900 Hash 0a40602db7616a31c9da4548ee920190 878e01cb0c90cb247aabc137327655a6fcffcbd5 6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab Loading...

	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	109 B	2023-03-07	2024-03-28
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-03-28 17:41:49 Times Seen2179 Hash 5e484877c8a3178a846a7d21b7fe5209 d7b7ac3ca178c038b5cf3b9157b99d818d540efb 3121a4640f3196f3df84a9d4f5f68703d478c024ec18f4a22c70825ad8cfab33 Loading...

	www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js	47 kB	2023-03-07	2023-03-17
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 10:42:47 Times Seen1 Hash 20955465000168af9238ab710ad4224a 7db74347fccfba84638c82b9c4cc449e62437081 c47c57f37c762a34c9718dfd6f6eabcbc52f39ebead320d625cb9aa0f6653ee0 Loading...

	connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js	272 kB	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:53 Last Seen2023-03-07 12:24:53 Times Seen1 Hash 724615a1f2e6594191e78c753ef762b6 c68e24741fa5a5b85e35e290de91bec8b51d5d23 448a18d48a44ec0f2159191ea14d8f26112b59712fa1c3aa4a0e288447f5e440 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	2.0 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen4778 Hash e7cf4c458b327ab7ed31e0936ccd404f 970bf05073f91ad6b8f21521f7c9886f71f2af1d 52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d Loading...

	connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js	538 kB	2023-03-07	2023-03-17
Pretty URL connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 11:41:13 Times Seen1 Hash ee71f0fdc43bfa64aa0546628ccf0b33 5d01fd1fdca22c19a5e41df001621cc2fe3ea238 299c5f9d63cd8c39555d762c170af3fb06b9f4169c20e6cbcb2fa7f4cb18cc69 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js	23 kB	2023-03-07	2023-06-29
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-06-29 15:24:08 Times Seen72 Hash f320653366aae1336b9a1c0547ea97b9 8c87c242b3bf13c2558679bd936123a5e6069da5 e02ff12dc676cc581ade44548d917c7df10e14c6a7b6373dbf1b67a7b352108a Loading...

	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	252 B	2023-03-07	2024-04-08
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen2498 Hash 4f6526fc5cfbf8f77c674e5cb40c36d6 94bb860d263ab388eea733a7a0e7fc00717d0637 06249a30772721e1f681be4a0d74c05a58b36a266c273eafdbe86ebcca83aabc Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js	66 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash 831557d9711fd36924ae1bfac5a7a7db 9d6a6b34a82a1e4f27f610b460c9e33c102da9de b16b31f2f8e681a5909e23a5508af022a3744b365d9077bea964d728e28929a3 Loading...

	connect.secure.wellsfargo.com/auth/static/prefs/atadun.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL connect.secure.wellsfargo.com/auth/static/prefs/atadun.js IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 19:43:46 Times Seen4753 Hash 566dda94252f1860a7a28665c715b530 6aa0455dc8ea41441b1f3a733985758dc40af736 43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903 Loading...

	connect.secure.wellsfargo.com/jenny/nd	52 kB	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/jenny/nd IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:53 Last Seen2023-03-07 12:24:57 Times Seen1 Hash 486fcf014f421722568c6b9a87c69ccf 5d42f01682230f959aa540010c9a62c4ff31665b d9f2d89615976edbf90a6b47a78264db8cce1fce0e61352ba49a6d7305adce3f Loading...

	connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?single	11 kB	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?single IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:53 Last Seen2023-03-07 12:24:53 Times Seen1 Hash 9be10b56766f18a4f773c62f47c5346c b0149ca0ec0b1093e4c9e4dc5693a0ed75115d78 6daa536065b825589373fa14bf7bfd89db31ce1164d585a87c46b1b03b1c362c Loading...

	static.wellsfargo.com/tracking/gb/detector-dom.min.js	341 kB	2023-03-07	2023-05-10
Pretty URL static.wellsfargo.com/tracking/gb/detector-dom.min.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-05-10 01:56:56 Times Seen5 Hash 19ecb64e1651d039ef9eb9d2ffa0dcc2 946bc940945602710c52d5827c707bd469921878 9a5e8cb8c0d7468337c96ba9de5c90701a038a135975b1f4444bde35cb0eb212 Loading...

	static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1	117 kB	2023-03-07	2023-03-26
Pretty URL static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-26 09:22:04 Times Seen2 Hash 17324c64926790e7068528ee285677e0 5f7c9d7694dfa9e92d5ae871cb0ea0cc5b4776c3 79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc Loading...

	connect.secure.wellsfargo.com/AIDO/glu.js	67 kB	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/AIDO/glu.js IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:53 Last Seen2023-03-07 12:24:53 Times Seen1 Hash d6c0d3fb384d931a81c45c4a95f14912 0e7b831a0d5609b88f9e1fac27c20eaff5398b97 3e90c800f397a25d10acc0de721a987df852d8bff18a4679baafd7ab26aee733 Loading...

	connect.secure.wellsfargo.com/PIDO/pic.js?r=0.9504964657380371	75 kB	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/PIDO/pic.js?r=0.9504964657380371 IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:53 Last Seen2023-03-07 12:24:53 Times Seen1 Hash bb185bce516287ea020dace2bf82416c c1a1f57ec9d844e94c0731564e77200c5e626faa 038c64fd3c88c981960c0f1f34c86eb006387963a266a7b94d4db4a4a8785e0c Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1662005639987	446 kB	2023-03-07	2023-03-17
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1662005639987 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:48 Last Seen2023-03-17 10:42:47 Times Seen1 Hash 91e8b3091caa1b724de87b5de42a693b 5d478c1740f8cc7009450e5f414d81abeb719a05 0d84905bd3ce831be55f6d0d04247657a8b8e83a2ec643f66bd4e43ac43545db Loading...

	static.wellsfargo.com/tracking/hp/utag.js	205 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/hp/utag.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2023-03-17 11:41:13 Times Seen1 Hash 9ee9a0049f68ca46e720c6d3cb151df5 963131f77114d343892e540a315062fec26585f0 00325f5d148c95cf62620c0830365d6e55e71f1416137a8e28b2ef79e1f3f82a Loading...

	tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js	27 kB	2023-03-07	2023-03-17
Pretty URL tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash faff7d5f8cd278071e80b18f7373e6b2 bf32efcdf7df36e1c599b5949a83e343f05b84a0 78af5f0e3b33e451cd20e506a2ae37053a3774c4bcdd1e4f0f505331bb033a72 Loading...

	static.wellsfargo.com/tracking/ga/ga.js	49 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/ga/ga.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4882 Hash 8402e9ebdf9290c018b0617018227681 2d840fcd6c3008d9aca747ba0ce056b496db8e1b 0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22 Loading...

	www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/	199 B	2023-03-07	2024-03-28
Pretty URL www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/ IP 163.171.131.129 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-03-28 17:41:48 Times Seen2469 Hash e086f28166bf73bc94e3cd49222ba6b3 e672fcd875785616f34372b6dd2a8245edbd0ca6 268683f78bf540a4628d352b35364a4405e8f1693eaee6a34e081045b1f95e54 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js	36 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash a87d017094c294b72c41efb2cfbf49aa 86590309a3f44265fd4acd0b35c5911c18047ca8 c19b2cfb96a4e34bf9537736e5ca1fcea2fa89b6f0c05ec2e7e2c7a017bafdb6 Loading...

	connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIDnAQODAQAAKO-DvNNaci84pdc37XVfeV6Y0Yi-OqZbM79W7loozftZjWod&X-G2Q3kxs3--z=q	262 kB	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIDnAQODAQAAKO-DvNNaci84pdc37XVfeV6Y0Yi-OqZbM79W7loozftZjWod&X-G2Q3kxs3--z=q IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:53 Last Seen2023-03-07 12:24:53 Times Seen1 Hash b0516d5a47b271cde45acdd8c77319f1 3120cbb6be80ef6f8372c85865865fd718b83af2 055af0c62744b3f76c15674b5676c10fc09b9b992a098d67b2f5b4fa4dbbfbe9 Loading...

	connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js	1.2 kB	2023-03-07	2023-03-17
Pretty URL connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 10:16:33 Times Seen1 Hash 65a94e66e064c58c12169e1b2bdbb1fb 38ade00cfb7838bb09ac4cf375cfe2809d74b636 f524345f75bc7c15f2e285e525e04299dc22c27c014abe55c337dbc3a690b82c Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js	45 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4864 Hash 5f310e2e2a558d76b916e137aee73462 c7ff0190c9c2c414321211f3863e9e27f32b713e 385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f Loading...

	connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBoeUhGanZ3MUJwSlhsU1pJVmJEV1V1WXZFQVkvVHo4VDJNazFjcTVyTUJQR2piNUxackR0TmtCWDg2L0Jsdm1qbUh1V3NTS0hydG5pRElHNmc3REJrWndjeGY2Q0kxdDNNV2dDeDVEaktPWmtDUG1kVVc5bkRsbGlJdXhpRWlJWmh0Tk9qcURlNmhHQ1FOYmcvQXNwMzgySXpiSjA1TUQrUW1JbjVJYmNiWktyRVJmZGdUSXFIWk9UUkNIVEQwSEI1UlJhWVEzWTFIemRyZ1MyT0NxMEExcHg3MXFuNW56UzdIZ01sUFF2UnlqNXFTNFhKbCtiL2lBN1h4Y0FocFNXSlpLZUxzc2FmeU9yd0xWTlVDR3RNdWdjZnNtbFN4VGRWamFlbm5yaGZXbmU3QT09fDY2ODg0ZGNmNTk5ZDRlZjkzOTcxZjUwMjlkMjQ2ZThhMmFkMDlhNTMxMGY1NjA0YjgxODVhNTQxMmJhZGFmOWMxMDA3NzVlZjQxZWYxOWY0ODVkY2U4ODFiNWI2ZTljZjk2ZThiZmEyYjAwNDA0NzY1M2UzMTM5YWU4OWExZWYyNDY4YmIxYjlkZmI2MjA1ZGQ0MTI1ZGU5YTg2YTU3MTA3NjllMDU4NTA0N2NjYmQwNjVmNzEwNzMwOTBhYzJmNGY0MjBlMDA3YzI0Yjg5NzQyZjAyZmZkMGVjNGQ0ZDMxMWI4NDk2MzEyZWRiMTYxYWExNzI0ODk3OWQxMzY4ZDM5YjU5NzhkMTQ1MzQwYWUzMTY1MWNlNjQwYmU0MGYyYTIyZWE4OGYyNjRmYTliNTcxZTQwMDI4ZTNlMDIzNDg4NjhlZTRiMDYzZDc5ZWMwZDM5ZDUxNTY5ZTQxOWIwNjBmYzM1YzVjMDc1NTliYzUwZTk2MWYyMjBiYWI1YzYyMDdhNzgyODQ4MjhmZjgzMzE0ZDk1NDQ0ZjdkZTc1Y2RiM2E2OTNhZmMyNjAwNWYwZmQxZWUwYjAyN2QyODc3ZmI3YWU1YmVkMzIyZmJiZTBjMDQ4MjgwMWFhN2I1ZjMxMThhMjJlZGEzNjNiYzEyOTRiN2Q0YWUzZTBlODhlMjQ3fDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com&t=jsonp&c=llcoyyzdscxggxnf&eu=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F	90 B	2023-03-07	2023-03-07
Pretty URL connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBoeUhGanZ3MUJwSlhsU1pJVmJEV1V1WXZFQVkvVHo4VDJNazFjcTVyTUJQR2piNUxackR0TmtCWDg2L0Jsdm1qbUh1V3NTS0hydG5pRElHNmc3REJrWndjeGY2Q0kxdDNNV2dDeDVEaktPWmtDUG1kVVc5bkRsbGlJdXhpRWlJWmh0Tk9qcURlNmhHQ1FOYmcvQXNwMzgySXpiSjA1TUQrUW1JbjVJYmNiWktyRVJmZGdUSXFIWk9UUkNIVEQwSEI1UlJhWVEzWTFIemRyZ1MyT0NxMEExcHg3MXFuNW56UzdIZ01sUFF2UnlqNXFTNFhKbCtiL2lBN1h4Y0FocFNXSlpLZUxzc2FmeU9yd0xWTlVDR3RNdWdjZnNtbFN4VGRWamFlbm5yaGZXbmU3QT09fDY2ODg0ZGNmNTk5ZDRlZjkzOTcxZjUwMjlkMjQ2ZThhMmFkMDlhNTMxMGY1NjA0YjgxODVhNTQxMmJhZGFmOWMxMDA3NzVlZjQxZWYxOWY0ODVkY2U4ODFiNWI2ZTljZjk2ZThiZmEyYjAwNDA0NzY1M2UzMTM5YWU4OWExZWYyNDY4YmIxYjlkZmI2MjA1ZGQ0MTI1ZGU5YTg2YTU3MTA3NjllMDU4NTA0N2NjYmQwNjVmNzEwNzMwOTBhYzJmNGY0MjBlMDA3YzI0Yjg5NzQyZjAyZmZkMGVjNGQ0ZDMxMWI4NDk2MzEyZWRiMTYxYWExNzI0ODk3OWQxMzY4ZDM5YjU5NzhkMTQ1MzQwYWUzMTY1MWNlNjQwYmU0MGYyYTIyZWE4OGYyNjRmYTliNTcxZTQwMDI4ZTNlMDIzNDg4NjhlZTRiMDYzZDc5ZWMwZDM5ZDUxNTY5ZTQxOWIwNjBmYzM1YzVjMDc1NTliYzUwZTk2MWYyMjBiYWI1YzYyMDdhNzgyODQ4MjhmZjgzMzE0ZDk1NDQ0ZjdkZTc1Y2RiM2E2OTNhZmMyNjAwNWYwZmQxZWUwYjAyN2QyODc3ZmI3YWU1YmVkMzIyZmJiZTBjMDQ4MjgwMWFhN2I1ZjMxMThhMjJlZGEzNjNiYzEyOTRiN2Q0YWUzZTBlODhlMjQ3fDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com&t=jsonp&c=llcoyyzdscxggxnf&eu=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F IP 159.45.66.156 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:53 Last Seen2023-03-07 12:24:53 Times Seen1 Hash 8a19c7f4abeba027654d723078f4a3b3 1be13329e8ca21fbbdc7b21583c158a05eb5dcac 6100fdf178421d432e8fe4b0da1a6e131b355cc07619e1cbf294d87755b13907 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1662005639987	7.1 kB	2023-03-07	2024-03-28
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1662005639987 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-03-28 17:44:18 Times Seen68 Hash 91a3833ccffbae0b31a6cca516216880 9284e1bb265d09e17e10407f280072b9d938bec5 182475449b1dc308c4d183fe50d348ab2f4e882aac99c0945762629c9fe65f9d Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1662005639987	145 kB	2023-03-07	2023-03-17
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1662005639987 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:48 Last Seen2023-03-17 10:42:47 Times Seen1 Hash 7ed1e64b00460898c675ddfdbd07b2ed 2589ac4d648038e17080a602b1afb9f6d780f286 fde95b0d13fc6d6eeb1b7e2d62abcc70da2ceceed95d006d16c9b4220d7ada2e Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 23:57:22 Times Seen36968833 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (148)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Sat, 03 Sep 2022 12:18:47 GMT
Date: Sat, 03 Sep 2022 11:29:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 10:42:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LnzCYFeAWDfQx8aPwjl7Ibgls_NZyDMKA8GRAUoJVLdU0pt3jRWzfg==
Age: 2776

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3UwWE6L3jhyX-egqKolKQUg0-_1RRw0i3Ar4ZqIAF4ww3WN8PvWmgg==
age: 36838
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 11:29:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 03 Sep 2022 10:38:16 GMT
Expires: Sat, 03 Sep 2022 11:33:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pi6fSQMaC8hp85v7J_DemFrFwmi7YknFOt-Jj2xuBpniYZYSCZaGHA==
Age: 3059

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:15 GMT
Last-Modified: Sat, 03 Sep 2022 09:48:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

ocsp.dcocsp.cn/

47.246.44.230

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.230:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
07ff12b615a6c9f77301f45a5dbc1182
7eda763f2a3268e87a8a82e6039219f3ee052d0d
6c056d829b23de24d1e64990d89c8f5998bc99a55d17d2221c44a942569fdc16

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Sep 2022 11:29:15 GMT
Ali-Swift-Global-Savetime: 1662204555
Via: cache21.l2de2[43,43,200-0,M], cache14.l2de2[44,0], cache1.se1[65,64,200-0,M], cache1.se1[67,0]
X-Cache: MISS TCP_REFRESH_MISS dirn:2:442574527
X-Swift-SaveTime: Sat, 03 Sep 2022 11:29:15 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516622045558475984e

push.services.mozilla.com/

52.88.220.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.220.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pcbnAII7bhZ+vOuwx52mfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IRD3UV3RK67tSvROK18noLouEg0=

www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/

163.171.131.129

200 OK

23 kB

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (884), with CRLF line terminators
Size
23 kB (22690 bytes)
Hash
239129e1e882a4826aee5b561aa0cb4f
1dbdf7977176e6376dfc3dc62b86394f085f181a
2ecd5b58c50b1476fb214b2a8dc6a24b273cb5aea9636cec2a71a6e2aa477067

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

GET /es/ HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: -1
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Set-Cookie: ADRUM_BTa=R:0|g:72c97c07-f713-474f-942d-133c60080910; Expires=Sat, 03-Sep-2022 11:29:46 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:72c97c07-f713-474f-942d-133c60080910|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03-Sep-2022 11:29:46 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03-Sep-2022 11:29:46 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206931; Expires=Sat, 03-Sep-2022 11:29:46 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=ES; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120220903042916884190316; domain=.wellsfargo.com; path=/; expires=31 Aug 2032 11:29:16 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; path=/; Httponly; Secure
WesdAksn=A9m0HAODAQAAo088leFLFsTPGZeRRAYtnr-xWobCG2cs-WKt2LrcR-9uiqqAAaOrg2CcuC2nwH8AADQwAAAAAA|1|0|1a7b4d6e9249985cf24a8ff7d71af2e1ccdf3370; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-021aa5a8-ed70-4b0b-b004-3b03b95966d5' 'self' https://*.wellsfargo.com https://*.wfinterface.com;report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Language: en-US
Server: Server
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Via: 1.1 bl22:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8b_bl22_7657-20601

www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png

104.110.27.78

200 OK

2.5 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2496 bytes)
Hash
e3dfb8e67322de6a7be8c293043e69e1
9c2339e0b48afdfdcd908f78777be88c133d2aef
ea103ea932d2ebdd8e57887e4beabb394c21b6f260f49adfa8be4772cb61faec

HTTP Headers

GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618287e9-14da"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 2496
content-type: image/webp
cache-control: private, no-transform, max-age=401365
expires: Thu, 08 Sep 2022 02:58:41 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg

104.110.27.78

200 OK

52 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x502, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
52 kB (51474 bytes)
Hash
67a063a06589a4e40465cffe34adf460
83bd779eab37f708db097c28d9eb4295c3ebdc13
e037cf255bed27ebd83c682b368532fc925848a9ff0e42d97132ac995e43bbdf

HTTP Headers

GET /assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a7e46d-172e2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 832
x-check-cacheable: YES
content-length: 51474
content-type: image/webp
cache-control: private, no-transform, max-age=401481
expires: Thu, 08 Sep 2022 03:00:37 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png

104.110.27.78

200 OK

852 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
852 B (852 bytes)
Hash
83d5bb1eeca48fd91b76ba78a6033079
795d21b0703fe9606406267cbb1740251f17949c
b5b73fb58b90213e3e94e8bb2f2821ae968e4a14c736940a2a80673c5039919b

HTTP Headers

GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-1d25"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 852
content-type: image/webp
cache-control: private, no-transform, max-age=401401
expires: Thu, 08 Sep 2022 02:59:17 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js

163.171.131.129

200 OK

57 kB

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Size
57 kB (57201 bytes)
Hash
7ef725f079bd933254582ac7f97bf7bd
045b50319d5baf9b1acd143314ff01996d73f3b6
1334b463991b55dd7c62a2c601958b7ec4539b64cf809aaee9820122b5cdc5db

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Cookie: ADRUM_BTa=R:0|g:72c97c07-f713-474f-942d-133c60080910|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206931; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 03 Sep 2022 11:59:16 GMT
Last-Modified: Fri, 05 Aug 2022 17:39:58 GMT
ETag: W/"62ed55ee-2b6d2"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01cV0174:5 (Cdn Cache Server V2.0), 1.1 bl21:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8c_bl22_7657-20669

www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg

104.110.27.78

200 OK

1.1 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 79x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.1 kB (1118 bytes)
Hash
8fc4a7236687f00978c3d3d9c679fa7d
5d7bcfc23ba4a4b58f22f497b214e7b427916b05
c2f04b9277e2158e498ea44ff61a651461ac7bcf0eed712b78fa8e21ae6eabfb

HTTP Headers

GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6286a22a-81c"
last-modified: Thu, 14 Jul 2022 19:31:27 GMT
server: Akamai Image Manager
x-serial: 2010
x-check-cacheable: YES
content-length: 1118
content-type: image/webp
cache-control: private, no-transform, max-age=547375
expires: Fri, 09 Sep 2022 19:32:11 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png

104.110.27.78

200 OK

1.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1344 bytes)
Hash
20cf7cbf9f523ea23270f0140672e57d
61c40fed4a85b0ff069f6361f87ee77ff4207c2d
9d7f1fe0833268a6a9468b9fc19436ffe00b8596c67131b09361467deaed1b76

HTTP Headers

GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a93697-12d2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1344
content-type: image/webp
cache-control: private, no-transform, max-age=401400
expires: Thu, 08 Sep 2022 02:59:16 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png

104.110.27.78

200 OK

562 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
562 B (562 bytes)
Hash
dffe59af45e3b6e5d78ffcb4a1a5386a
f273b4eded463939c9a9ec7944a892d2a3921ed2
9bd4d77dfdadd6574d42e469c1968fffce0422134f4487f1d785367752743f96

HTTP Headers

GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a93697-769"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
x-serial: 1921
x-check-cacheable: YES
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=309191
expires: Wed, 07 Sep 2022 01:22:27 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png

104.110.27.78

200 OK

712 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
712 B (712 bytes)
Hash
856ba11ad61b561850f726f3f9bd8c6b
b50337dec6ee97d505a21bdcaa15f4a0d2bb2571
7867b0f1e4d21ebd684268360f820149578a15141a9128b57a97843c0fcb3b72

HTTP Headers

GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-1c20"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=401367
expires: Thu, 08 Sep 2022 02:58:43 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/h.com_card_79x50.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/h.com_card_79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2286 bytes)
Hash
54a0dd5862244507f56e176ecde59056
2d8f7d7e00316c6811ce2552e608260481303898
749d47078866f2ebe0c2b692de339996ede393b570c7f73418ac0ed9a6882539

HTTP Headers

GET /assets/images/rwd/h.com_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-23fc"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 371
x-check-cacheable: YES
content-length: 2286
content-type: image/webp
cache-control: private, no-transform, max-age=401333
expires: Thu, 08 Sep 2022 02:58:09 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png

104.110.27.78

200 OK

1.7 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1710 bytes)
Hash
c5f6eb132665afa77e8ac7a1a707e951
70d65ab0dcfaace4c1d8bbb772af4fd7c6f66c80
0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac

HTTP Headers

GET /assets/es/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61c392e6-10c2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 1579
x-check-cacheable: YES
content-length: 1710
content-type: image/webp
cache-control: private, no-transform, max-age=418955
expires: Thu, 08 Sep 2022 07:51:51 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png

104.110.27.78

200 OK

1.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1348 bytes)
Hash
20395535ccb9d64fc541151586d860d7
791003e66d20380a1925d19a9bb3c4cbaf451073
5220e2267bf1d52810fa37112ed26e7d0d6a6f8cfaaa7d36c032b68562030d05

HTTP Headers

GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6217f519-1be6"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1348
content-type: image/webp
cache-control: private, no-transform, max-age=401441
expires: Thu, 08 Sep 2022 02:59:57 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg

104.110.27.78

200 OK

35 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
35 kB (35078 bytes)
Hash
b4461eb744601a2ca1764ee8245185fe
8666c2c62e249f94da9721df78c7ce0cfbb587b5
e04eef1b087076cfd56ee5728e50ef2993dc739f5d1934c3196c7bf88019d386

HTTP Headers

GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62057fd1-14ef3"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 35078
content-type: image/webp
cache-control: private, no-transform, max-age=484412
expires: Fri, 09 Sep 2022 02:02:48 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png

104.110.27.78

200 OK

1.0 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.0 kB (1004 bytes)
Hash
2700367e62982f99dbdb7efa2e11328c
7db153f43a4bc9d95eb94e0d07404440b92ec129
8e16030cdf2d91809d0540f79aa3a3be4b83e4a9bf13bd91def3962f1484406f

HTTP Headers

GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a93697-f60"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1004
content-type: image/webp
cache-control: private, no-transform, max-age=401401
expires: Thu, 08 Sep 2022 02:59:17 GMT
date: Sat, 03 Sep 2022 11:29:16 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d5cadb101f475075ce29994476a8ab4f
e0e094a74582809f07ef1b3ced429f1b86adfd82
f50e49dfbd7b8200a0547b2157cef9b35807e199b25d9c9b765c5313e4fde1c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:17 GMT
Last-Modified: Sat, 03 Sep 2022 09:45:16 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d5cadb101f475075ce29994476a8ab4f
e0e094a74582809f07ef1b3ced429f1b86adfd82
f50e49dfbd7b8200a0547b2157cef9b35807e199b25d9c9b765c5313e4fde1c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2835
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:17 GMT
Last-Modified: Sat, 03 Sep 2022 10:42:03 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2196e5d60ee09262ba52d7a812659097
c814cd54c5cae0bd715f6a701a7e019b587e6fc4
c6b2e41877cc28a442db1feb91ea73136723a5ce32ed20bf9a10cada9b6e43f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:17 GMT
Last-Modified: Sat, 03 Sep 2022 11:11:58 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2196e5d60ee09262ba52d7a812659097
c814cd54c5cae0bd715f6a701a7e019b587e6fc4
c6b2e41877cc28a442db1feb91ea73136723a5ce32ed20bf9a10cada9b6e43f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:17 GMT
Last-Modified: Sat, 03 Sep 2022 09:49:52 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f0478c02ca61866df1d1cb2378cdd312
223ee8b1a43b3902397438c7c75ad3da2d9ea660
fb2bb7500fcf66b32cda3e987664e2dfb7788234d08c1fca00bd0718a7969799

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4075
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:17 GMT
Last-Modified: Sat, 03 Sep 2022 10:21:22 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sat, 03 Sep 2022 12:11:18 GMT
Date: Sat, 03 Sep 2022 11:29:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sat, 03 Sep 2022 12:11:18 GMT
Date: Sat, 03 Sep 2022 11:29:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sat, 03 Sep 2022 12:11:18 GMT
Date: Sat, 03 Sep 2022 11:29:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sat, 03 Sep 2022 12:11:18 GMT
Date: Sat, 03 Sep 2022 11:29:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sat, 03 Sep 2022 12:11:18 GMT
Date: Sat, 03 Sep 2022 11:29:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91ab4da-b2c8-4694-8888-dbef16ff0822.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91ab4da-b2c8-4694-8888-dbef16ff0822.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9468 bytes)
Hash
ac5cedb16d42137f0da53ffa29c68640
f5b2ed7f99ce2149cdc7ca905bead01cb12fe8ab
9ceae944314eae39f0af8fa5abd17515b9fd32771cececb0c7321a7bfbf4645f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91ab4da-b2c8-4694-8888-dbef16ff0822.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9468
x-amzn-requestid: c6bbad05-8ee5-4ad4-84fe-026a5e796eb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjjETF2goAMFv_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ae54e-2897857e407e6f8e5e64b29b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 03:47:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: w7JmXjiiAXYPtAQ5bepNtspGrJ2XAhgWflXLUcl1kWTokYlQAPZ5rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:44 GMT
age: 49173
etag: "f5b2ed7f99ce2149cdc7ca905bead01cb12fe8ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4994 bytes)
Hash
60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6_bFwCNNOb2sZgOQJ8NekZD0pbYwclTg17YlQjCIdKFKGuzfDR0nQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:42:03 GMT
age: 28034
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14061 bytes)
Hash
d78cbff83c152b84864606781a29563d
8bdbc6e135be6e582d0e23754399422e3792777b
3c385de9ade05e1652ccc386e73aaccc4c223a07b81af4c5fdf3f73a166909f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14061
x-amzn-requestid: db7b338c-4fb1-46c0-827a-87e43ceacb90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjB_aFGyoAMFbeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ab062-060509a31e21bd514f736d49;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 00:01:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p_pP4bQ_t2iBcAl5CetPTBaNmV8E_Br_0Mn5qIlGeC8JCmILxA_l6A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 10:54:15 GMT
age: 2102
etag: "8bdbc6e135be6e582d0e23754399422e3792777b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6976 bytes)
Hash
c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: alcmiW5Cb3Z96RJNXfz4F54HNERbyV71Q8hqVuNEOTUc48kItzlfHQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:53 GMT
age: 49164
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12612 bytes)
Hash
85bb0a09818a7c5f9e92e5b0faa057a4
ceb9a1d4efc578ad2bbcd8f99e8bf69e7dbe7aa3
d7e1901bdae487d1c4f4d0c8fdfd090f8f0baff719f319666395f91dc147d250

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12612
x-amzn-requestid: c89164ee-6194-4a96-9a7f-b8c03478ef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xihm-GiPIAMFglA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a7c92-7def0f7964f7f0d336810aae;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 20:20:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fEeJ_Zw9Egt6gQYinki1fMzvqdQgixv0iBio2G4KsMppWkYhEB_SCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 04:35:03 GMT
age: 24854
etag: "ceb9a1d4efc578ad2bbcd8f99e8bf69e7dbe7aa3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7501 bytes)
Hash
23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:54 GMT
age: 49163
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js

163.171.131.129

200 OK

15 kB

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (47380), with no line terminators
Size
15 kB (15000 bytes)
Hash
40a21b78131d90b2db2eac444d7949a3
6041d4c8712c62110f1bfd749f0593368f25e6d8
5378405ea0c36f5d7f40b607f3e3018971d8c2590dcd39b9d13f5c0ce205e28b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Cookie: ADRUM_BTa=R:0|g:72c97c07-f713-474f-942d-133c60080910|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206931; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 03 Sep 2022 11:59:17 GMT
Last-Modified: Fri, 05 Aug 2022 17:39:58 GMT
ETag: W/"62ed55ee-b915"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01uY9168:5 (Cdn Cache Server V2.0), 1.1 bl22:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8c_bl22_7029-46242

static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js

159.45.66.178

200 OK

901 B

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (1952), with no line terminators
Size
901 B (901 bytes)
Hash
5dcc7c101ced74367609685d577093f6
f0d8214335e3c33b634048b992afd536f5bd3e43
10aab16ccfb5374425dc6ee64453a7fe6d7b6dfa47ab65779f42c7db740da1ef

HTTP Headers

GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css

163.171.131.129

200 OK

23 kB

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23248 bytes)
Hash
681f84be4770296ad54830f918c26b10
d958f01c10eceeddb66b21d3381f4e1d5b546977
8c9dbdfdf990337381e063010b07262abae1eb7b15a61fcb780fe948d2572884

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Cookie: ADRUM_BTa=R:0|g:72c97c07-f713-474f-942d-133c60080910|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206931; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 03 Sep 2022 11:59:17 GMT
Last-Modified: Fri, 05 Aug 2022 17:39:58 GMT
ETag: W/"62ed55ee-2914f"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:5 (Cdn Cache Server V2.0), 1.1 bl21:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8c_bl22_7002-14413

static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js

159.45.66.178

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (31790)
Size
11 kB (11076 bytes)
Hash
6d79a0dbc6ea2602aa38bbf53e43124e
8b53e45df3e4aea81cbfaa90081f6795bcfe39fc
d2aa003ecdd6c31e12964104bd23498a60e94fa2d163c6d1ff285db59f61bb6a

HTTP Headers

GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 12 Feb 2022 17:58:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6207f544-7c61"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?single

159.45.66.156

200 OK

4.3 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?single
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (9269)
Size
4.3 kB (4305 bytes)
Hash
7cbfbeabac4fd39520075f47392b73c4
9b4bec163f754eb0993dbdc94873558c7e00fdf9
8effef51707130621a231d96457957bd730731bcf7e19271d0e38f0e69d275d3

HTTP Headers

GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: WesdAksn=A0-4HAODAQAACZKQ36M3WNBHa-NGN5DThyWMXcacNwHk65wGkxKt9t92b80bAVtaKpqcuC2nwH8AADQwAAAAAA|1|0|499a212f7d9a5c27e3286195ae893c84cd1a844d; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
Pragma: no-cache
Content-Encoding: gzip

www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v6.png

104.110.27.78

200 OK

135 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v6.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 1187 x 406, 8-bit/color RGBA, non-interlaced\012- data
Size
135 kB (135073 bytes)
Hash
d49770fba6a80029e1d497b990b42c38
c50339adb59abe907f81b06767daf7c544d00f94
c92600efad7cac8538df8dd12d2d03ab6933856c22567aa229b655c0edb17cf5

HTTP Headers

GET /assets/images/sprite/responsive-sprite-v6.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 135073
last-modified: Wed, 01 Jun 2022 20:03:02 GMT
etag: "6297c5f6-20fa1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=11117153
expires: Tue, 10 Jan 2023 03:35:10 GMT
date: Sat, 03 Sep 2022 11:29:17 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Size
22 kB (22424 bytes)
Hash
0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

HTTP Headers

GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=10099081
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Sat, 03 Sep 2022 11:29:17 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2

104.110.27.78

200 OK

23 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Size
23 kB (22600 bytes)
Hash
83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

HTTP Headers

GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=10008940
expires: Wed, 28 Dec 2022 07:44:57 GMT
date: Sat, 03 Sep 2022 11:29:17 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Size
22 kB (22172 bytes)
Hash
f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

HTTP Headers

GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=10075875
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Sat, 03 Sep 2022 11:29:17 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Size
22 kB (21636 bytes)
Hash
1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc

HTTP Headers

GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=10008660
expires: Wed, 28 Dec 2022 07:40:17 GMT
date: Sat, 03 Sep 2022 11:29:17 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js

159.45.66.178

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (35814)
Size
11 kB (11411 bytes)
Hash
1d081a456e54c7c623d773fa473a4533
14aeab37af44fcabcde3e3419f3d46b0e427524b
b9ad6838ec4946d6494773e8f5c2c1b16bb361e98d435af2137a7bc9fb12f879

HTTP Headers

GET /assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 11 May 2022 04:38:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627b3dac-8c18"
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

static.wellsfargo.com/tracking/hp/utag.js

159.45.66.178

200 OK

55 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/hp/utag.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (15280)
Size
55 kB (54783 bytes)
Hash
24f5740c6f4056d728c0b14e5b062c12
8db530031d1b564e57a6bcfbf6e51fe27418c5c3
1b61abf4c33cbc0d3b7e047153120f0c04457ed321c9742f19e361538927924f

HTTP Headers

GET /tracking/hp/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 07 Apr 2022 01:50:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"624e4348-3206c"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css

159.45.66.178

200 OK

2.7 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2671 bytes)
Hash
5257c2e188d24ddc00cc92573e5f2cfb
3526eb21d812e9ebfcb3514cc2ff9ad53abe442e
ae7a3a2c2db5a1dc74814e5001e439aeeae648e3b31cdb7474856dc52ea0b223

HTTP Headers

GET /assets/js/wfui/ndep/css/nuance-c2c-button.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Jul 2021 10:08:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60eeb797-2bb3"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIDnAQODAQAAKO-DvNNaci84pdc37XVfeV6Y0Yi-OqZbM79W7loozftZjWod&X-G2Q3kxs3--z=q

159.45.66.156

200 OK

146 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIDnAQODAQAAKO-DvNNaci84pdc37XVfeV6Y0Yi-OqZbM79W7loozftZjWod&X-G2Q3kxs3--z=q
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65536), with no line terminators
Size
146 kB (146484 bytes)
Hash
d9e014a56d4d53b8d4aca0e473e78b0f
edf51260d808db3028ae144caab6bd946b9b7e00
8029b19a54fc56c315a451a0f04202a00e8130e249b24ef49a24acf129b62770

HTTP Headers

GET /auth/login/static/js/general_alt.js?async&seed=AIDnAQODAQAAKO-DvNNaci84pdc37XVfeV6Y0Yi-OqZbM79W7loozftZjWod&X-G2Q3kxs3--z=q HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600, immutable
Set-Cookie: WesdAksn=A-G4HAODAQAAuVy2ezptYQfXWOQuF8dmfJa48lDyoz-SeUBVeUeHkpn1IUtmAVtaKpqcuC2nwH8AADQwAAAAAA|1|0|17fc8846a414782aab9016d03889ed19577a6e0b; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css

159.45.66.178

200 OK

505 B

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with CRLF, LF line terminators
Size
505 B (505 bytes)
Hash
e2966fedd68930d5281a2ed6ea61c0d3
1ede5572cf49f251c212abdbd6f2df4bb48de1fe
c2ef5abb39d304068b5476114ebc952a97c091ea59348c8ba3adeadc715976ad

HTTP Headers

GET /assets/js/wfui/ndep/css/nuance-chat.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Nov 2020 14:00:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb3d782-52b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

www--wellsfargo--com--t449329d48d6c.wsipv6.com/target/offers/conversations

163.171.131.129

200 OK

6.6 kB

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/target/offers/conversations
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6604), with no line terminators
Size
6.6 kB (6634 bytes)
Hash
3e0a22336ce5ae77721f5a7cd5465f43
1235dcf0217ea56a299ebda1b2558ece32f1ac09
d7110e48595cd85a430346e189c8ae2bf7d820002ddfabed6ce4845333ab4b70

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Cookie: ADRUM_BTa=R:0|g:72c97c07-f713-474f-942d-133c60080910|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206931; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:18 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-5e6d0eea-ea87-415c-821e-7782f17a8582' 'self' https://*.wellsfargo.com https://*.wfinterface.com;report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Server: Server
Set-Cookie: ADRUM_BTa=R:0|g:72c97c07-f713-474f-942d-133c60080910|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206931; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef; Expires=Sat, 03-Sep-2022 11:29:48 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03-Sep-2022 11:29:48 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03-Sep-2022 11:29:48 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:30|i:206893; Expires=Sat, 03-Sep-2022 11:29:48 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:30|i:206893|e:277; Expires=Sat, 03-Sep-2022 11:29:48 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120220903042918950993869; domain=.wellsfargo.com; path=/; expires=31 Aug 2032 11:29:18 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=7C14C2BE8CB5C8412CCB3DA162575536; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
X-Via: 1.1 bl22:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8d_bl22_7657-20717

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js

159.45.66.178

200 OK

19 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65536), with no line terminators
Size
19 kB (18728 bytes)
Hash
55392b773646f8d0ce7447669d57b9df
a2ac835f802e03d4315bf3eee9cb51b1320b15c9
58ebbc236c9018a279c0059043036b148d40b90eb78ad799d4812bbda1058f2b

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:18 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 02:16:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f4668c-10199"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js

159.45.66.178

200 OK

5.6 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (928), with CRLF line terminators
Size
5.6 kB (5649 bytes)
Hash
00e6f77045d9c92840a490cfcdc9ff6a
22f273b66fe0c5d43cf747fb9868b0904d5ee4b8
4d144f941f05ff42f2a818328b7524c6d3f2b6efc1fe93a09794af14ad262f6c

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan-c2c.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:18 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 05:41:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62317886-590b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png

104.110.27.78

200 OK

1.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.6 kB (1636 bytes)
Hash
b9d2c719de3d6701349f1134e129defe
703a51a2f72672f6b34a3dcf8d07c351143f9151
95ae72a8f3b1f5794802b2704b74bef2f29fe1b8da1f06c97a8e7ab2acb5e435

HTTP Headers

GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6116f9a6-dcf"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1636
content-type: image/webp
cache-control: private, no-transform, max-age=407461
expires: Thu, 08 Sep 2022 04:40:19 GMT
date: Sat, 03 Sep 2022 11:29:18 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico

104.110.27.78

200 OK

9.2 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
9.2 kB (9198 bytes)
Hash
cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c

HTTP Headers

GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=23764
expires: Sat, 03 Sep 2022 18:05:22 GMT
date: Sat, 03 Sep 2022 11:29:18 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2330 bytes)
Hash
cd43a2d200f1b8eec84495408eb299f0
2eb173b0af9b49b634e0645a96931f5fdf6e3ab3
659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8

HTTP Headers

GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-9f2c"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 2330
content-type: image/webp
cache-control: private, no-transform, max-age=401334
expires: Thu, 08 Sep 2022 02:58:12 GMT
date: Sat, 03 Sep 2022 11:29:18 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2340 bytes)
Hash
2f9e97870725142046712437d067b97f
bf8db685193835edea05ac95e5671b24e0f49467
50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0

HTTP Headers

GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-cf3e"
last-modified: Thu, 14 Jul 2022 02:02:39 GMT
server: Akamai Image Manager
content-length: 2340
content-type: image/webp
cache-control: private, no-transform, max-age=484232
expires: Fri, 09 Sep 2022 01:59:50 GMT
date: Sat, 03 Sep 2022 11:29:18 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png

104.110.27.78

200 OK

2.1 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2092 bytes)
Hash
bf02d082705f06162b2e73f68602e79e
219dbb45081fa5d8663bad2f96e9066e7f17aa6e
10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64

HTTP Headers

GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-7b35"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 416
x-check-cacheable: YES
content-length: 2092
content-type: image/webp
cache-control: private, no-transform, max-age=401431
expires: Thu, 08 Sep 2022 02:59:49 GMT
date: Sat, 03 Sep 2022 11:29:18 GMT
X-Firefox-Spdy: h2

connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js

159.45.66.156

200 OK

304 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65356)
Size
304 kB (304468 bytes)
Hash
a2dc7b52b55341436b6028a5bb8a58c7
2caf4a7e834a5071fef1d669c8fbecebdb9b4138
8923d36fd606bef78d05c277ad50dcf59e3bb32aca74695cbeb9b987f6c454c8

HTTP Headers

GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600, immutable
Content-Encoding: gzip

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556837&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556837&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556837&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7657-20832

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556931&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226512-16%7Etcm%3A91-226306-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556931&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226512-16%7Etcm%3A91-226306-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556931&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7029-46460

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556928&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-224274-16%7Etcm%3A91-223647-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556928&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-224274-16%7Etcm%3A91-223647-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556928&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7002-14615

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556935&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A283-223859-16%7Etcm%3A91-223657-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556935&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A283-223859-16%7Etcm%3A91-223657-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556935&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A283-223859-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7002-14624

www17.wellsfargomedia.com/assets/images/rwd/man_on_phone_working_616x353.jpg

104.110.27.78

200 OK

27 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/man_on_phone_working_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
27 kB (27308 bytes)
Hash
74b4165e39bd1f78bcfea02714305ed8
0ce77880f95e344c533c511614e1d0c110b48c2a
43c8519af2d895bb25d7f0aad6b5cd1f48576c8950111f34d4270ee79599188f

HTTP Headers

GET /assets/images/rwd/man_on_phone_working_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618017dd-b06e"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 27308
content-type: image/webp
cache-control: private, no-transform, max-age=401363
expires: Thu, 08 Sep 2022 02:58:42 GMT
date: Sat, 03 Sep 2022 11:29:19 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556940&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228778-16%7Etcm%3A91-228643-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556940&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228778-16%7Etcm%3A91-228643-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556940&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228778-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7657-20892

www17.wellsfargomedia.com/assets/images/rwd/couple_consulting_616x353.jpg

104.110.27.78

200 OK

16 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/couple_consulting_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (15636 bytes)
Hash
b7db89ceab29fc66b8bf41f01cdcb875
4655ce2c2ad59aa036e7521e8173a8f62d5de1a6
353a26fcba41b08c62531bc66778f21c2e4960b5c5bc579704a1852c14698505

HTTP Headers

GET /assets/images/rwd/couple_consulting_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618017dd-8830"
last-modified: Thu, 14 Jul 2022 02:03:42 GMT
server: Akamai Image Manager
content-length: 15636
content-type: image/webp
cache-control: private, no-transform, max-age=484429
expires: Fri, 09 Sep 2022 02:03:08 GMT
date: Sat, 03 Sep 2022 11:29:19 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/woman_phone_street_616x353.jpg

104.110.27.78

200 OK

38 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/woman_phone_street_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
38 kB (38106 bytes)
Hash
30b25c4c8908dc48046948d992ac1654
500fdd111803c9762158dcbb9cf69f686614f9c9
7636534f520bd4e393d4f0f4779d7bb78f10d4bb340a35be5434198a1ad94985

HTTP Headers

GET /assets/images/rwd/woman_phone_street_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618017dd-b92e"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 38106
content-type: image/webp
cache-control: private, no-transform, max-age=484397
expires: Fri, 09 Sep 2022 02:02:36 GMT
date: Sat, 03 Sep 2022 11:29:19 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556937&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556937&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556937&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_6995-35895

www17.wellsfargomedia.com/assets/images/rwd/personal_sb_native_app_balloons.jpg

104.110.27.78

200 OK

6.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/personal_sb_native_app_balloons.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.6 kB (6552 bytes)
Hash
77ea76c95dde22ad3caf67207d9c98c6
2ed2fb8922df26438baab911b5aa37da68bd3e03
6d1706754008c9678989c935b512d5a8493c60e434b7a4cbbfee13b266951348

HTTP Headers

GET /assets/images/rwd/personal_sb_native_app_balloons.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62475a57-7765"
last-modified: Thu, 11 Aug 2022 16:32:29 GMT
server: Akamai Image Manager
x-serial: 1666
x-check-cacheable: YES
content-length: 6552
content-type: image/webp
cache-control: private, no-transform, max-age=622962
expires: Sat, 10 Sep 2022 16:32:01 GMT
date: Sat, 03 Sep 2022 11:29:19 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556933&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556933&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556933&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7029-46469

www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg

104.110.27.78

200 OK

29 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
29 kB (29240 bytes)
Hash
1368994cfb46c8ae169c749459365581
49af26a99885e645354f7b26e123655cdeee159b
a5bcbe6002a1fbae84d43160b1f45c3686d5c35e7fda458e9f4b3fd2dacfe3e5

HTTP Headers

GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618017dd-cd21"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 29240
content-type: image/webp
cache-control: private, no-transform, max-age=401351
expires: Thu, 08 Sep 2022 02:58:30 GMT
date: Sat, 03 Sep 2022 11:29:19 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/woman_in_office_616x353.jpg

104.110.27.78

200 OK

32 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/woman_in_office_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (31450 bytes)
Hash
7b5816c180aaf51a1142bd41e53a6ed3
f8dfd3ec8e0fb88ecef0a4b07acda06d280741ab
d7651b47c8d449b7311d15e9625df3514e7c0278ff059392189e608b5a9113a1

HTTP Headers

GET /assets/images/rwd/woman_in_office_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "618017dd-d06e"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 31450
content-type: image/webp
cache-control: private, no-transform, max-age=401420
expires: Thu, 08 Sep 2022 02:59:39 GMT
date: Sat, 03 Sep 2022 11:29:19 GMT
X-Firefox-Spdy: h2

connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js

159.45.66.156

200 OK

571 B

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
C source, ASCII text
Size
571 B (571 bytes)
Hash
31e364d587a9b98fec6ea081ae22d410
911e26b5aca47302630e6b864863aa576584910a
ddacac13997fa548407840809c9707dedb51b5a2ede4633889ebe34b59540e35

HTTP Headers

GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 05 Aug 2022 17:13:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ed4fbe-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556943&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556943&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556943&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7029-46522

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d596de8ea8049d5fe75acfc5f91cb1a4
b6c77857263b6af90215582e03212313f3c3fe83
faf5be5fcc766f2e98a34bb5cdd100f11caec03b7059384b66466425c62f6c4f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:20 GMT
Last-Modified: Sat, 03 Sep 2022 09:46:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556945&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228784-16%7Etcm%3A91-228643-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556945&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228784-16%7Etcm%3A91-228643-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556945&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228784-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7002-14680

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556948&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556948&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556948&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:19 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7002-14684

dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1662204557613

34.247.235.92

200 OK

321 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1662204557613
IP
34.247.235.92:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Size
321 B (321 bytes)
Hash
4095929ec5b206590aba734466d474ac
9ed2fe66cb5e3a21a26b942a9149235b797a94ac
f362b53eee2c39e58ea0d9a31de1ffffe21b4cb981c260683da05945f24547a7

HTTP Headers

GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1662204557613 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v038-001c634f9.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=82090539755303925452061460015997196960; Max-Age=15552000; Expires=Thu, 02 Mar 2023 11:29:20 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: /c3YSKAgT7E=
Content-Length: 321
Connection: keep-alive

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556950&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228805-16%7Etcm%3A91-228643-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556950&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228805-16%7Etcm%3A91-228643-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556950&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-228805-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:20 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7657-20906

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556952&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556952&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1662204556952&pageID=per_home&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:20 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_6995-35940

www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556953&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228918-16%7Etcm%3A91-223671-32

163.171.131.129

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556953&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228918-16%7Etcm%3A91-223671-32
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&cb=1662204556953&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228918-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:1$_ss:1$_st:1662206355668$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Sep 2022 11:29:20 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 bl22:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a8f_bl22_7029-46534

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
591b2a184f9b07a64f0943ea8cbba8a1
9944706432bb1044d44bccc9bee96c8ee9b04dbb
4edfe10f04fce287e80cc25d346692eb888a154bd6b253321d16a2ae64294b7d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:42:55 GMT
Expires: Wed, 07 Sep 2022 13:42:54 GMT
Etag: "9944706432bb1044d44bccc9bee96c8ee9b04dbb"
Cache-Control: max-age=353013,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744e25a49aef0b51-OSL

api.rlcdn.com/api/identity/idl?pid=1317

34.120.133.55

451 Unavailable For Legal Reasons

0 B

URL HTTP/2
api.rlcdn.com/api/identity/idl?pid=1317
IP
34.120.133.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/identity/idl?pid=1317 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 451 Unavailable For Legal Reasons
date: Sat, 03 Sep 2022 11:29:20 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/gb/detector-dom.min.js

159.45.66.178

200 OK

104 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65428), with CRLF line terminators
Size
104 kB (103641 bytes)
Hash
871216e9a9f9c92c52e2adcc5ba56a4a
917d4715bb86c0e615c474c09cc069a735d73e87
095a255101d498f53bed881a795f7a5930c23a23815f15ba615e1b649bad5565

HTTP Headers

GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 13 Apr 2021 21:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"607609e7-532b0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=82059487817664557942060061608053137587&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120220903042916884190316%011&ts=1662204557867

34.247.235.92

200 OK

320 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=82059487817664557942060061608053137587&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120220903042916884190316%011&ts=1662204557867
IP
34.247.235.92:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Size
320 B (320 bytes)
Hash
f7812338cf6196af55df0a3536197c0f
bee8733dc6f3c5c02d5e5735e35f4ce94a2b97dc
a66120b252d957fdd5d8abb44a55aeb1d39a4df44365480bfee9842fd107d685

HTTP Headers

GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=82059487817664557942060061608053137587&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120220903042916884190316%011&ts=1662204557867 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v038-014595e4a.edge-irl1.demdex.com 7 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=82965693360896251033380615809743941947; Max-Age=15552000; Expires=Thu, 02 Mar 2023 11:29:20 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: cvWmBBScT0w=
Content-Length: 320
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
591b2a184f9b07a64f0943ea8cbba8a1
9944706432bb1044d44bccc9bee96c8ee9b04dbb
4edfe10f04fce287e80cc25d346692eb888a154bd6b253321d16a2ae64294b7d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:42:55 GMT
Expires: Wed, 07 Sep 2022 13:42:54 GMT
Etag: "9944706432bb1044d44bccc9bee96c8ee9b04dbb"
Cache-Control: max-age=353013,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744e25a57bce0b51-OSL

static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

159.45.66.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

159.45.66.178

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
14 kB (14304 bytes)
Hash
3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

159.45.66.156

200 OK

151 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65536), with no line terminators
Size
151 kB (150778 bytes)
Hash
80ef85992c87654007ab784550a3a853
4a924400da80febd2c04ae64719c60f5e22268b1
2798f29b342ed83d8ed786011437fd185d47720fdd78379500b27e8032680fbc

HTTP Headers

GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:19 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=Ax_CHAODAQAArMS_3RGhgo9bGZn7ZxnWyWPjydyimUI6ZrNC831b0hFM9bXAAVtaKpqcuC2nwH8AADQwAAAAAA|1|0|71384c4e403beeacaa7c8ae250b4dcd593fde646; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Allow: GET, POST, OPTIONS
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Access-Control-Allow-Methods: POST
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: W/"63058309-172f"
Last-Modified: Wed, 24 Aug 2022 01:46:49 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip

wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1662204557617

54.77.35.16

200 OK

322 B

URL HTTP/1.1
wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1662204557617
IP
54.77.35.16:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (596), with no line terminators
Size
322 B (322 bytes)
Hash
b673cc42d88d74e8ecb12a201f3f58c0
e2643c29e86c867f48468a704d4152e4308eae7d
babd511da5a7e6dfb2ae40ae03340d542272427d3aa96a97da741d691ae97a55

HTTP Headers

POST /event?d_dil_ver=9.5&_ts=1662204557617 HTTP/1.1
Host: wellsfargobankna.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 390
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v038-0cd01d737.edge-irl1.demdex.com 6 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=82090539755303925452061460015997196960; Max-Age=15552000; Expires=Thu, 02 Mar 2023 11:29:20 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: gfCbt6FSSXQ=
Content-Length: 322
Connection: keep-alive

www--wellsfargo--com--t449329d48d6c.wsipv6.com/as/jsLog

163.171.131.129

200 OK

0 B

URL HTTP/1.1
www--wellsfargo--com--t449329d48d6c.wsipv6.com/as/jsLog
IP
163.171.131.129:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--t449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 346
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/es/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!DvkooIMwDVJP7v0GroRxL4uCL1r/46Lajw5l8R5oDyRq6OU19VUoA5a6j9S8HgFnQivOeLlBRQRd7OA=; utag_main=v_id:0183031cb1940022b8c56483632c00044003a00900918$_sn:1$_se:2$_ss:0$_st:1662206357802$ses_id:1662204555668%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:30|i:206893|e:277; __ts_xfdF3__=955412527; dti_apg=%7B%22_rt%22%3A%22DQEiBNJMujnI8Cmqg3TnkshkH8ev0TmjyFshyiS%2BqKo%3D%22%2C%22_s%22%3A%22RhtJMvJ5%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C82059487817664557942060061608053137587%7CMCAAMLH-1662809357%7C6%7CMCAAMB-1662204556%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-899488393%7CMCOPTOUT-1662211757s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: default-src https:; img-src https: data:; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; object-src 'self'; font-src https: data:; style-src https: 'unsafe-inline'; script-src 'nonce-067660d7-022e-4733-a601-66b64cae72a9' 'self' https://*.wellsfargo.com https://*.wfinterface.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://s.yimg.com https://sp.analytics.yahoo.com https://cdn.schemaapp.com;report-uri https://ort.wellsfargo.com/reporting/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:30|g:0f2459f7-6f42-4e67-bdbb-72a6290e27ef|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:30|i:206893|e:277; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:30|g:627a15f1-8099-4276-ac39-e6ec56e7d4fa; Expires=Sat, 03-Sep-2022 11:29:50 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:30|g:627a15f1-8099-4276-ac39-e6ec56e7d4fa|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03-Sep-2022 11:29:50 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03-Sep-2022 11:29:50 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=4830ABFDA53D7228CD8E777F8AB5FE49; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 03-Sep-2023 11:29:20 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120220903042920995356797; domain=.wellsfargo.com; path=/; expires=31 Aug 2032 11:29:20 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:30|i:206915; Expires=Sat, 03-Sep-2022 11:29:50 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:30|i:206915|e:2; Expires=Sat, 03-Sep-2022 11:29:50 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:30|i:206915|e:2|d:1; Expires=Sat, 03-Sep-2022 11:29:50 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!80V8Jy4Ria2SEEUpvV2tGE/ALM5TOYBzuHZrt3AEGxdFfGkmHrMkOGkFMiW9DC5Wd3e0H+o7EZmYGKg=; path=/; Httponly; Secure
X-Via: 1.1 bl22:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63133a90_bl22_7657-20936

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
79e9d98104da3eb26b26da54275823a6
c2080d162d66af4e15fa402ddbe7e1ab065680e9
328cbf1332e03e71b5b2104fcaf4dd0e9ea59ce974de2da507e497e6566b115f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6357
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:20 GMT
Last-Modified: Sat, 03 Sep 2022 09:43:23 GMT
Server: ECS (amb/6BB3)
X-Cache: HIT
Content-Length: 471

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.80d5260aef1a12bc638a.js

159.45.66.156

200 OK

3.6 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.80d5260aef1a12bc638a.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (7300), with no line terminators
Size
3.6 kB (3642 bytes)
Hash
1898ee364dd22ee5894f7dcecdee9a53
7364b81f8435f0e4de92f0820aa632d8eccb09c1
53dfda97f845401628416e3ba9b9073a831ef7554d4f03817a26f6241fb22c2e

HTTP Headers

GET /accounts/static/7M/accounts/public/js/runtime.80d5260aef1a12bc638a.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 05 Aug 2022 17:13:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ed4fbe-1c84"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdoab1s;
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

connect.secure.wellsfargo.com/auth/static/prefs/atadun.js

159.45.66.156

200 OK

607 B

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with CRLF line terminators
Size
607 B (607 bytes)
Hash
00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9

HTTP Headers

GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 24 Aug 2022 01:39:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63058141-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

159.45.66.178

200 OK

16 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (599)
Size
16 kB (15970 bytes)
Hash
18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564%3A0&_cls_v=4b8ae976-7a3e-4238-a739-52effe835020

23.36.79.18

200 OK

74 B

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564%3A0&_cls_v=4b8ae976-7a3e-4238-a739-52effe835020
IP
23.36.79.18:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
623ae8057fa56d0e7c825d0f7d406103
273d77776bfeff3e0bfe2ea8921b6666f667a3f5
9a53dc961c97e4c1af2f1b353b223f5b8a50480b4d87b43826cc17cb3d46b6a0

HTTP Headers

GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564%3A0&_cls_v=4b8ae976-7a3e-4238-a739-52effe835020 HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 74
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: origin, Accept-Encoding
Date: Sat, 03 Sep 2022 11:29:20 GMT
Connection: keep-alive
Set-Cookie: _cls_v=4b8ae976-7a3e-4238-a739-52effe835020; Secure; SameSite=None;HttpOnly;Secure
_cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!jpixTctOvzGF2ZUR0YpcGl4FPg9joe/grIhUdlwTaBrHVt9U6ovf1wC3UAY4rxOgRnVUZrhYVlv4cQ==; path=/; Httponly; Secure
DCID=E7w3NpCApH+uQA6EVYjAnukOKvV++DJjggaz4DGThxdjKjdzS2A9TtzM4EnkJ9eC; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Sep 2022 11:44:20 GMT;Httponly; Secure

connect.secure.wellsfargo.com/AIDO/glu.js

159.45.66.156

200 OK

30 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/AIDO/glu.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29638 bytes)
Hash
a2f79b3c21355f6ea06d198e67c48c6a
662577b079a44374c12ad2063ed97369b913e9dd
4737ba9d2c2e7234ec787254cdfc10b85b1ee3229777e2975099df6e4fe8e8b4

HTTP Headers

GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: KONICHIWA/1.1
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005

8.39.193.5

200 OK

266 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
266 B (266 bytes)
Hash
a671bc4e541aadc71fd7812d93af15e7
3b8c76ac113e54f3d413e09807f3661c72d0f6b5
ef16255038c7c5847295c3c434243418d898b7b40a9095aeeb65e3ddb7579383

HTTP Headers

GET /tagserver/nuanceChat.html?UUID=WF_10006005 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+6ZNxP/6RTk"
Last-Modified: Wed, 24 Aug 2022 03:52:14 GMT
Accept-Ranges: bytes
Content-Type: text/html; charset=utf-8
Content-Length: 266
Date: Sat, 03 Sep 2022 11:29:20 GMT

static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153

159.45.66.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.3047119850260789

159.45.66.156

200 OK

30 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.3047119850260789
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30518 bytes)
Hash
cdf028d9ee4c27813fa8315558da6a14
36e8f4682381acae284c5b558133ff52d2ea15f4
4175d110749e42ed0a68e43412a41e1787ec9cfaedd86ef85c76db243774fc63

HTTP Headers

GET /AIDO/mint.js?dt=login&r=0.3047119850260789 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: KONICHIWA/1.1
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
max-age: 0
Expires: -1
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js

8.39.193.5

200 OK

5.8 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text
Size
5.8 kB (5817 bytes)
Hash
2567a541f33a261f8fca11dad46b636a
0f23cb71788652af10a4b226be05648d0f763d4f
0fd35a0d2ac21f42f443ec000ea11e55a3498e777b8b91938ceeedca8456d37a

HTTP Headers

GET /tagserver/frame-bridge.js HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "/sVCUwsi+1l"
Last-Modified: Wed, 24 Aug 2022 03:52:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 5817
Date: Sat, 03 Sep 2022 11:29:20 GMT

connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBoeUhGanZ3MUJwSlhsU1pJVmJEV1V1WXZFQVkvVHo4VDJNazFjcTVyTUJQR2piNUxackR0TmtCWDg2L0Jsdm1qbUh1V3NTS0hydG5pRElHNmc3REJrWndjeGY2Q0kxdDNNV2dDeDVEaktPWmtDUG1kVVc5bkRsbGlJdXhpRWlJWmh0Tk9qcURlNmhHQ1FOYmcvQXNwMzgySXpiSjA1TUQrUW1JbjVJYmNiWktyRVJmZGdUSXFIWk9UUkNIVEQwSEI1UlJhWVEzWTFIemRyZ1MyT0NxMEExcHg3MXFuNW56UzdIZ01sUFF2UnlqNXFTNFhKbCtiL2lBN1h4Y0FocFNXSlpLZUxzc2FmeU9yd0xWTlVDR3RNdWdjZnNtbFN4VGRWamFlbm5yaGZXbmU3QT09fDY2ODg0ZGNmNTk5ZDRlZjkzOTcxZjUwMjlkMjQ2ZThhMmFkMDlhNTMxMGY1NjA0YjgxODVhNTQxMmJhZGFmOWMxMDA3NzVlZjQxZWYxOWY0ODVkY2U4ODFiNWI2ZTljZjk2ZThiZmEyYjAwNDA0NzY1M2UzMTM5YWU4OWExZWYyNDY4YmIxYjlkZmI2MjA1ZGQ0MTI1ZGU5YTg2YTU3MTA3NjllMDU4NTA0N2NjYmQwNjVmNzEwNzMwOTBhYzJmNGY0MjBlMDA3YzI0Yjg5NzQyZjAyZmZkMGVjNGQ0ZDMxMWI4NDk2MzEyZWRiMTYxYWExNzI0ODk3OWQxMzY4ZDM5YjU5NzhkMTQ1MzQwYWUzMTY1MWNlNjQwYmU0MGYyYTIyZWE4OGYyNjRmYTliNTcxZTQwMDI4ZTNlMDIzNDg4NjhlZTRiMDYzZDc5ZWMwZDM5ZDUxNTY5ZTQxOWIwNjBmYzM1YzVjMDc1NTliYzUwZTk2MWYyMjBiYWI1YzYyMDdhNzgyODQ4MjhmZjgzMzE0ZDk1NDQ0ZjdkZTc1Y2RiM2E2OTNhZmMyNjAwNWYwZmQxZWUwYjAyN2QyODc3ZmI3YWU1YmVkMzIyZmJiZTBjMDQ4MjgwMWFhN2I1ZjMxMThhMjJlZGEzNjNiYzEyOTRiN2Q0YWUzZTBlODhlMjQ3fDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com&t=jsonp&c=llcoyyzdscxggxnf&eu=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F

159.45.66.156

200 Ok

90 B

URL HTTP/1.1
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBoeUhGanZ3MUJwSlhsU1pJVmJEV1V1WXZFQVkvVHo4VDJNazFjcTVyTUJQR2piNUxackR0TmtCWDg2L0Jsdm1qbUh1V3NTS0hydG5pRElHNmc3REJrWndjeGY2Q0kxdDNNV2dDeDVEaktPWmtDUG1kVVc5bkRsbGlJdXhpRWlJWmh0Tk9qcURlNmhHQ1FOYmcvQXNwMzgySXpiSjA1TUQrUW1JbjVJYmNiWktyRVJmZGdUSXFIWk9UUkNIVEQwSEI1UlJhWVEzWTFIemRyZ1MyT0NxMEExcHg3MXFuNW56UzdIZ01sUFF2UnlqNXFTNFhKbCtiL2lBN1h4Y0FocFNXSlpLZUxzc2FmeU9yd0xWTlVDR3RNdWdjZnNtbFN4VGRWamFlbm5yaGZXbmU3QT09fDY2ODg0ZGNmNTk5ZDRlZjkzOTcxZjUwMjlkMjQ2ZThhMmFkMDlhNTMxMGY1NjA0YjgxODVhNTQxMmJhZGFmOWMxMDA3NzVlZjQxZWYxOWY0ODVkY2U4ODFiNWI2ZTljZjk2ZThiZmEyYjAwNDA0NzY1M2UzMTM5YWU4OWExZWYyNDY4YmIxYjlkZmI2MjA1ZGQ0MTI1ZGU5YTg2YTU3MTA3NjllMDU4NTA0N2NjYmQwNjVmNzEwNzMwOTBhYzJmNGY0MjBlMDA3YzI0Yjg5NzQyZjAyZmZkMGVjNGQ0ZDMxMWI4NDk2MzEyZWRiMTYxYWExNzI0ODk3OWQxMzY4ZDM5YjU5NzhkMTQ1MzQwYWUzMTY1MWNlNjQwYmU0MGYyYTIyZWE4OGYyNjRmYTliNTcxZTQwMDI4ZTNlMDIzNDg4NjhlZTRiMDYzZDc5ZWMwZDM5ZDUxNTY5ZTQxOWIwNjBmYzM1YzVjMDc1NTliYzUwZTk2MWYyMjBiYWI1YzYyMDdhNzgyODQ4MjhmZjgzMzE0ZDk1NDQ0ZjdkZTc1Y2RiM2E2OTNhZmMyNjAwNWYwZmQxZWUwYjAyN2QyODc3ZmI3YWU1YmVkMzIyZmJiZTBjMDQ4MjgwMWFhN2I1ZjMxMThhMjJlZGEzNjNiYzEyOTRiN2Q0YWUzZTBlODhlMjQ3fDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com&t=jsonp&c=llcoyyzdscxggxnf&eu=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
8a19c7f4abeba027654d723078f4a3b3
1be13329e8ca21fbbdc7b21583c158a05eb5dcac
6100fdf178421d432e8fe4b0da1a6e131b355cc07619e1cbf294d87755b13907

HTTP Headers

GET /AIDO/vyHb?d=ZW5jZEBoeUhGanZ3MUJwSlhsU1pJVmJEV1V1WXZFQVkvVHo4VDJNazFjcTVyTUJQR2piNUxackR0TmtCWDg2L0Jsdm1qbUh1V3NTS0hydG5pRElHNmc3REJrWndjeGY2Q0kxdDNNV2dDeDVEaktPWmtDUG1kVVc5bkRsbGlJdXhpRWlJWmh0Tk9qcURlNmhHQ1FOYmcvQXNwMzgySXpiSjA1TUQrUW1JbjVJYmNiWktyRVJmZGdUSXFIWk9UUkNIVEQwSEI1UlJhWVEzWTFIemRyZ1MyT0NxMEExcHg3MXFuNW56UzdIZ01sUFF2UnlqNXFTNFhKbCtiL2lBN1h4Y0FocFNXSlpLZUxzc2FmeU9yd0xWTlVDR3RNdWdjZnNtbFN4VGRWamFlbm5yaGZXbmU3QT09fDY2ODg0ZGNmNTk5ZDRlZjkzOTcxZjUwMjlkMjQ2ZThhMmFkMDlhNTMxMGY1NjA0YjgxODVhNTQxMmJhZGFmOWMxMDA3NzVlZjQxZWYxOWY0ODVkY2U4ODFiNWI2ZTljZjk2ZThiZmEyYjAwNDA0NzY1M2UzMTM5YWU4OWExZWYyNDY4YmIxYjlkZmI2MjA1ZGQ0MTI1ZGU5YTg2YTU3MTA3NjllMDU4NTA0N2NjYmQwNjVmNzEwNzMwOTBhYzJmNGY0MjBlMDA3YzI0Yjg5NzQyZjAyZmZkMGVjNGQ0ZDMxMWI4NDk2MzEyZWRiMTYxYWExNzI0ODk3OWQxMzY4ZDM5YjU5NzhkMTQ1MzQwYWUzMTY1MWNlNjQwYmU0MGYyYTIyZWE4OGYyNjRmYTliNTcxZTQwMDI4ZTNlMDIzNDg4NjhlZTRiMDYzZDc5ZWMwZDM5ZDUxNTY5ZTQxOWIwNjBmYzM1YzVjMDc1NTliYzUwZTk2MWYyMjBiYWI1YzYyMDdhNzgyODQ4MjhmZjgzMzE0ZDk1NDQ0ZjdkZTc1Y2RiM2E2OTNhZmMyNjAwNWYwZmQxZWUwYjAyN2QyODc3ZmI3YWU1YmVkMzIyZmJiZTBjMDQ4MjgwMWFhN2I1ZjMxMThhMjJlZGEzNjNiYzEyOTRiN2Q0YWUzZTBlODhlMjQ3fDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com&t=jsonp&c=llcoyyzdscxggxnf&eu=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 Ok
Server: KONICHIWA/1.1
Date: Sat, 03 Sep 2022 11:29:21 GMT
Content-Type: text/javascript
Content-Length: 90
Connection: keep-alive
max-age: 0
Expires: -1
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Vary: Accept-Encoding

connect.secure.wellsfargo.com/jenny/nd

159.45.66.156

200

17 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/jenny/nd
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (2285)
Size
17 kB (16937 bytes)
Hash
cd9eec6f45337f6ed8b8d02175931a22
f3b6d744c54aee350cc8ed5155854416e38f48b3
bf0cc73539823532bec0d151222a28c20a12a5fc013ac7170931b72a37eba146

HTTP Headers

GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Set-Cookie: ADRUM_BTa=R:55|g:33f84d48-b785-4e9b-85cb-e8a44b1366e9; Expires=Sat, 03-Sep-2022 11:29:51 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:33f84d48-b785-4e9b-85cb-e8a44b1366e9|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03-Sep-2022 11:29:51 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 03-Sep-2022 11:29:51 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 03-Sep-2022 11:29:51 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:2; Expires=Sat, 03-Sep-2022 11:29:51 GMT; Path=/; Secure
ISD_AB_COOKIE=B; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Strict-Transport-Security: max-age=31536000
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Sat, 03 Sep 2022 11:29:20 GMT
Keep-Alive: timeout=600
Connection: keep-alive
Server: KONICHIWA/1.1

connect.secure.wellsfargo.com/dti_apg/api/dip/v1/dip

159.45.66.156

200 OK

206 B

URL HTTP/1.1
connect.secure.wellsfargo.com/dti_apg/api/dip/v1/dip
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
JSON data\012- , ASCII text, with no line terminators
Size
206 B (206 bytes)
Hash
d6c1953a1bfd99ca701b1a26f329428b
f1b3176ee99f03649837a909f0952db933d1f8c2
cf38ed35895eb92ff0951035e868f103993f219778f8e886ea8789a31945fd26

HTTP Headers

POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1990
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: KONICHIWA/1.1
date: Sat, 03 Sep 2022 11:29:21 GMT
content-type: text/html; charset=utf-8
content-length: 206
access-control-allow-origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
vary: Origin, Accept-Encoding
x-envoy-upstream-service-time: 9
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569

159.45.66.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1

159.45.66.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk

8.39.193.5

200 OK

2.0 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (1055)
Size
2.0 kB (1979 bytes)
Hash
e786d2586f4b1fcb9e0fec22606f87f9
b9a452a1ebf79375ce5f3b38855770e538cb424c
80e0396435fabdb24868f8b7fbfccf821f56fd5b608c2373a2a04f34eedc0b98

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: no-cache
ETag: "HIQy5UVp3aE"
Last-Modified: Thu, 01 Sep 2022 04:14:30 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 1979
Date: Sat, 03 Sep 2022 11:29:21 GMT

static.wellsfargo.com/tracking/ga/ga.js

159.45.66.178

200 OK

20 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ga.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (49163)
Size
20 kB (19477 bytes)
Hash
d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b

HTTP Headers

GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/ga/ga_conversion_async.js

159.45.66.178

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (35846)
Size
14 kB (13593 bytes)
Hash
42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f

HTTP Headers

GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f6d9674a0a2b4887d6c6d04fa8e084c
ac31080b6eb2bf3b6b7d94df94c79394a2721026
ce66b4299293498a050c05bdd7c1e2261bcab782a32bd37f59800a64770ccf62

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F?

142.250.74.70

200 OK

432 B

URL HTTP/2
2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550), with no line terminators
Size
432 B (432 bytes)
Hash
c527de6ed36e94b331e8bd850fdb2dd3
0e51473f0670b3cad0fe2844de12efb7f65c7172
2fda0fb0ba3e6d64699ba17ae9045ea8e419bb5f09f3ed1475d65c236a03ca41

HTTP Headers

GET /activityi;src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F? HTTP/1.1
Host: 2549153.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 11:29:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 432
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 11:44:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f6d9674a0a2b4887d6c6d04fa8e084c
ac31080b6eb2bf3b6b7d94df94c79394a2721026
ce66b4299293498a050c05bdd7c1e2261bcab782a32bd37f59800a64770ccf62

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1903882266&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1965225179&gjid=1917749712&cid=827393636.1662204559&tid=UA-107148943-1&_gid=1848142300.1662204559&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=1120220903042916884190316&cd12=BROWSER&cd22=hp&cd23=4.48.0&gtm=2ou8g0&cd35=827393636.1662204559&z=2122413636

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1903882266&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1965225179&gjid=1917749712&cid=827393636.1662204559&tid=UA-107148943-1&_gid=1848142300.1662204559&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=1120220903042916884190316&cd12=BROWSER&cd22=hp&cd23=4.48.0&gtm=2ou8g0&cd35=827393636.1662204559&z=2122413636
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j92&aip=1&a=1903882266&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1965225179&gjid=1917749712&cid=827393636.1662204559&tid=UA-107148943-1&_gid=1848142300.1662204559&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=1120220903042916884190316&cd12=BROWSER&cd22=hp&cd23=4.48.0&gtm=2ou8g0&cd35=827393636.1662204559&z=2122413636 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
date: Sat, 03 Sep 2022 11:29:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/ga/ec.js

159.45.66.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ec.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (2771)
Size
1.3 kB (1313 bytes)
Hash
8a1d22ba0de1104dcdc02a582b407ed2
e4d90fd13a73c7379c46b197ded523a5d33c69b9
4a44a1a7efd65360f31e0b1842ad06b7fedc7c0373c69c0077c696cd49cc35de

HTTP Headers

GET /tracking/ga/ec.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.3.118B100&_cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564:0&_cls_v=4b8ae976-7a3e-4238-a739-52effe835020&pid=3aae8f42-93ef-4eb5-9091-8145be2624d6&sn=1&aid=

23.36.79.18

200 OK

969 B

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.3.118B100&_cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564:0&_cls_v=4b8ae976-7a3e-4238-a739-52effe835020&pid=3aae8f42-93ef-4eb5-9091-8145be2624d6&sn=1&aid=
IP
23.36.79.18:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (4597), with no line terminators
Size
969 B (969 bytes)
Hash
f3f62861b191c56cac5d3ad0d5f43e0f
95de5c861ffe75480dd901b006e741a9c5c17680
112a55e6868ee09689b2963f15f03e7eb471623b9c3f8947912a785a70ae5ff4

HTTP Headers

POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.3.118B100&_cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564:0&_cls_v=4b8ae976-7a3e-4238-a739-52effe835020&pid=3aae8f42-93ef-4eb5-9091-8145be2624d6&sn=1&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3006
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Cookie: _cls_v=4b8ae976-7a3e-4238-a739-52effe835020; _cls_s=565646e4-7e7d-4c06-9506-34c37c2e4564:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 969
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: origin, Accept-Encoding
Date: Sat, 03 Sep 2022 11:29:21 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=18d2c6f2; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!Rvb6kdPDWrcsVaRFQ6PzwGA3hQp6HgL2MLFsu2hiTt4vgATnyYojHEjNpBVewiLok6O6wHSi7KFKNA==; path=/; Httponly; Secure
DCID=Tz5B1Iy31c+RezY4AMZAnAB7FYPd34ieYDpzGnPm5Pp8vNlCtCCMUmT6GPHprvh6; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Sep 2022 11:44:21 GMT;Httponly; Secure

adservice.google.com/ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F

142.250.74.162

200 OK

432 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (549), with no line terminators
Size
432 B (432 bytes)
Hash
48f01b2a1caa51c72f8c880e620d68f1
e0db526f42bceadabe674abd1cc3bb6e81d4b5e1
5fa995c0c6ac653b59958cd70d13dd8848b7754975f723ccd89b5b83a68db04d

HTTP Headers

GET /ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2549153.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 11:29:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.01083dad213681fca617.chunk.js

159.45.66.156

200 OK

13 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.01083dad213681fca617.chunk.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
data
Size
13 kB (13132 bytes)
Hash
8e1f2cafbc49edc9d38371f47271ac55
5538a38be52fbcdad615ac88863c92cd37cae0c7
614a99aedf9758b7e3b0ae824295dd399ab6e454c701944a753b12b35ce52fa5

HTTP Headers

GET /accounts/static/7M/accounts/public/js/wfui.01083dad213681fca617.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 308204
Last-Modified: Fri, 05 Aug 2022 17:13:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "62ed4fbe-4b3ec"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdoab1s;
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
188e81cee8b35af0a5f75ac954fde9af
feb2bd6935b7088189e37a198856a877793d0acd
8b7358306ffa3ea0a704cffad81f327b1bfa2e58de1a30a4f32995910747abbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1529
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Last-Modified: Sat, 03 Sep 2022 11:03:53 GMT
Server: ECS (amb/6B8C)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.b63d098a1ca054bb8b08.chunk.css

159.45.66.156

200 OK

13 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.b63d098a1ca054bb8b08.chunk.css
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
data
Size
13 kB (13026 bytes)
Hash
1281dce5861b8ea34ae8c02e40c0146a
f96ffce09607f914fc15609d4d7b26fa371f0336
7fc23f6d52169ed5ff8ea033f6878b2d44cb6c0a3655caeac09d96c5b8842f96

HTTP Headers

GET /accounts/static/7M/accounts/public/stylesheets/wfui.b63d098a1ca054bb8b08.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: text/css
Content-Length: 37102
Last-Modified: Fri, 05 Aug 2022 17:13:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "62ed4fbe-90ee"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdoab1s;
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F

142.250.74.34

200 OK

177 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
177 B (177 bytes)
Hash
9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0

HTTP Headers

GET /ddm/fls/i/src=2549153;type=allv40;cat=all_a00;ord=7610580710998;gtm=2od8g0;auiddc=451372271.1662204559;u1=1120220903042916884190316;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 11:29:21 GMT
expires: Sat, 03 Sep 2022 11:29:21 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.secure.wellsfargo.com/PIDO/pic.js?r=0.9504964657380371

159.45.66.156

200 OK

33 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.9504964657380371
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (32867 bytes)
Hash
c61092a98f7aa083aa3ef8beddde5022
38a3ea3ad1373d536fb3283a692307e4e9fe8014
bea3745b22bb655bf1ddb288b45a35b29dc4c5a63910da435ee499781fc29804

HTTP Headers

GET /PIDO/pic.js?r=0.9504964657380371 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: KONICHIWA/1.1
Date: Sat, 03 Sep 2022 11:29:21 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
max-age: 0
Expires: -1
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1662005639987

8.39.193.5

200 OK

2.3 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1662005639987
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (7108), with no line terminators
Size
2.3 kB (2292 bytes)
Hash
69248df2e4cd19badf361961108eec5e
86054d9394816797a159f91274bf9c97033a9024
4879bdd8f9d0bd0597e5df3170a4164ca2ca3aaab294b91dd49332db9d36f290

HTTP Headers

GET /media/launch/sdkChatLoader.min.js?codeVersion=1662005639987 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "6Cu8yUJ1UkL"
Last-Modified: Wed, 24 Aug 2022 03:58:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2292
Date: Sat, 03 Sep 2022 11:29:22 GMT

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50

52.38.103.162

200 OK

61 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP
52.38.103.162:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
61 B (61 bytes)
Hash
6cea234e98ece6237af6d262ad5f9c1c
cb4a8796ed084f7dd8a9c84a5b0eb6e144f5cb51
6dc3156289f7db61ed812b122efd508a04dc8624ea8ee71da0cd95c452b9975f

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Sep 2022 11:29:21 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51

52.38.103.162

200 OK

61 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP
52.38.103.162:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
61 B (61 bytes)
Hash
6cea234e98ece6237af6d262ad5f9c1c
cb4a8796ed084f7dd8a9c84a5b0eb6e144f5cb51
6dc3156289f7db61ed812b122efd508a04dc8624ea8ee71da0cd95c452b9975f

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Sep 2022 11:29:21 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1662204559340&cv=9&fst=1662204559340&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&hn=www.google.com&async=1

216.58.211.2

302 Found

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1662204559340&cv=9&fst=1662204559340&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&hn=www.google.com&async=1
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/984436569/?random=1662204559340&cv=9&fst=1662204559340&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&hn=www.google.com&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 11:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/984436569/?random=1662204559340&cv=9&fst=1662202800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&async=1&is_vtc=1&random=2979048817&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Sep-2022 11:44:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=827393636.1662204559&jid=1965225179&_u=4GBACUAKBAAAAC~&z=807046752

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=827393636.1662204559&jid=1965225179&_u=4GBACUAKBAAAAC~&z=807046752
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=827393636.1662204559&jid=1965225179&_u=4GBACUAKBAAAAC~&z=807046752 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 11:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b6b5ffecd53193507458fbe6e66d3f0
c96009132e435078cd79e19b19eeb0dbcf9abef3
229806893f073d6d725880c375c2f72ab09221a46095e1203d7379c1a29b8bef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=827393636.1662204559&jid=1965225179&_u=4GBACUAKBAAAAC~&z=807046752

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=827393636.1662204559&jid=1965225179&_u=4GBACUAKBAAAAC~&z=807046752
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=827393636.1662204559&jid=1965225179&_u=4GBACUAKBAAAAC~&z=807046752 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 11:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/984436569/?random=1662204559340&cv=9&fst=1662202800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&async=1&is_vtc=1&random=2979048817&resp=GooglemKTybQhCsO

142.250.74.164

302 Found

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/984436569/?random=1662204559340&cv=9&fst=1662202800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&async=1&is_vtc=1&random=2979048817&resp=GooglemKTybQhCsO
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/984436569/?random=1662204559340&cv=9&fst=1662202800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&async=1&is_vtc=1&random=2979048817&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 11:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/984436569/?random=1662204559340&cv=9&fst=1662202800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--t449329d48d6c.wsipv6.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&async=1&is_vtc=1&random=2979048817&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1662005639987

8.39.193.5

200 OK

32 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1662005639987
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
Unicode text, UTF-8 text, with very long lines (59866)
Size
32 kB (31627 bytes)
Hash
a6a0464a88510526d1f309f2439e64a6
d771583d1b611b151cb05efd20262091d19b678f
aa74b23edb8fa24132aa7d934be94a947644081de79f61f253d1a92368a9ddce

HTTP Headers

GET /media/launch/site_10006005_default_helper.js?codeVersion=1662005639987 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "HQhRGE80b8A"
Last-Modified: Thu, 01 Sep 2022 04:14:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Sat, 03 Sep 2022 11:29:22 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1662005639987

8.39.193.5

200 OK

26 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1662005639987
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (5905)
Size
26 kB (25914 bytes)
Hash
efb8d1e2697dd853ac8715c0052380c3
53e3778b495a9ed5dae64fe19a29c3662c48a94f
6e9576def912f99f43b7cbad92551b116501173775a3d93387c33fc7b081953a

HTTP Headers

GET /media/launch/site_10006005_default_jssdk.js?codeVersion=1662005639987 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "D214kMLhUrE"
Last-Modified: Thu, 01 Sep 2022 04:14:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Sat, 03 Sep 2022 11:29:22 GMT

connect.secure.wellsfargo.com/dti_apg/api/imp/v1.0/report/?m&fq=load

159.45.66.156

200 OK

265 B

URL HTTP/1.1
connect.secure.wellsfargo.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type
JSON data\012- , ASCII text, with no line terminators
Size
265 B (265 bytes)
Hash
c2ab36cce2aa48956d59e5a55ba10622
21378370aea9c55ed1c6d02586260699fa553132
ef29960b338e10e715005141f584e7f682ea35ea9f7221861c3d5f6811357fbb

HTTP Headers

POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Content-Length: 656
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Content-Type: text/plain
Date: Sat, 03 Sep 2022 11:29:23 GMT
Content-Length: 265
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1
Vary: Accept-Encoding

pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

52.38.103.162

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
52.38.103.162:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12378
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Sep 2022 11:29:22 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:8193326c-8101-4c22-a28e-9f4e7c100046;Path=/;Expires=Sat, 03-Sep-2022 11:29:52 GMT;Max-Age=30
ADRUM_BTa=R:55|g:8193326c-8101-4c22-a28e-9f4e7c100046|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Sat, 03-Sep-2022 11:29:52 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Sat, 03-Sep-2022 11:29:52 GMT;Max-Age=30;Secure
ADRUM_BT1=R:55|i:559461;Path=/;Expires=Sat, 03-Sep-2022 11:29:52 GMT;Max-Age=30
ADRUM_BT1=R:55|i:559461|e:3;Path=/;Expires=Sat, 03-Sep-2022 11:29:52 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1662005639987

8.39.193.5

200 OK

0 B

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1662005639987
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/all_10006005.json?codeVersion=1662005639987 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "/XILsMCZhqZ"
Last-Modified: Thu, 01 Sep 2022 04:14:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/json
Transfer-Encoding: chunked
Date: Sat, 03 Sep 2022 11:29:23 GMT

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.a32830a6383d333d8777.chunk.css

159.45.66.156

200 OK

0 B

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.a32830a6383d333d8777.chunk.css
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /accounts/static/7M/accounts/public/stylesheets/main.a32830a6383d333d8777.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: text/css
Content-Length: 21327
Last-Modified: Fri, 05 Aug 2022 17:13:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "62ed4fbe-534f"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdoab1s;
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.1a3449c840a0ecac31c6.chunk.js

159.45.66.156

200 OK

0 B

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.1a3449c840a0ecac31c6.chunk.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /accounts/static/7M/accounts/public/js/main.1a3449c840a0ecac31c6.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 289120
Last-Modified: Fri, 05 Aug 2022 17:13:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "62ed4fbe-46960"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdoab1s;
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.21ae416b3ad99fcd7f4a.chunk.js

159.45.66.156

200 OK

0 B

URL HTTP/1.1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.21ae416b3ad99fcd7f4a.chunk.js
IP
159.45.66.156:0
ASN
#4196 WELLSFARGO-4196

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /accounts/static/7M/accounts/public/js/vendor.21ae416b3ad99fcd7f4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--t449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:29:20 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 349019
Last-Modified: Fri, 05 Aug 2022 17:13:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "62ed4fbe-5535b"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdoab1s;
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations