Report - www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/

Report Overview

Submitted URL
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
IP
163.171.132.220
ASN
#54994 QUANTILNETWORKS
Submitted
2023-02-22 19:09:11
Access
Website Title
Final URL
Tags
wellsfargo financial phishing
urlquery detections
Phishing - Wells Fargo

Detections

urlquery
37
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.88.80.54
www--wellsfargo--com--ph49329d48d6c.wsipv6.com	unknown	2022-08-25T00:45:24Z	2023-02-22T19:16:35Z	44 kB	688 kB	163.171.132.220
wellsfargobankna.demdex.net	10546	2017-02-13T10:09:43Z	2023-03-13T06:46:24Z	562 B	1.2 kB	34.255.210.6
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-13T08:49:52Z	732 B	885 B	172.217.21.162
ort.wellsfargo.com	51778	2013-12-03T18:17:45Z	2023-03-13T06:46:26Z	952 B	4.1 kB	95.101.10.171
static.wellsfargo.com	12306	2015-03-14T23:03:25Z	2023-03-13T06:46:23Z	8.1 kB	529 kB	95.101.10.152
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	680 B	1.9 kB	104.18.32.68
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	666 B	625 B	64.233.164.157
media-wellsfargo.nod-glb.nuance.com	28807	2018-12-21T18:46:00Z	2023-03-11T07:06:55Z	1.9 kB	202 kB	8.39.193.5
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	45 kB	34.120.237.76
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.4 kB	5.1 kB	93.184.220.29
api.rlcdn.com	791	2018-09-26T07:12:06Z	2023-03-13T06:46:24Z	465 B	192 B	34.120.133.55
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-13T05:09:46Z	724 B	724 B	142.250.74.66
pdx-col.eum-appdynamics.com	4816	2018-10-26T09:20:40Z	2023-03-13T07:30:31Z	1.6 kB	2.5 kB	44.237.126.140
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-13T05:18:25Z	1.4 kB	2.3 kB	34.255.210.6
connect.secure.wellsfargo.com	11812	2017-01-31T16:32:35Z	2023-03-13T06:46:24Z	3.8 kB	252 kB	95.101.10.194
2549153.fls.doubleclick.net	30024	2015-01-13T00:13:33Z	2023-03-13T06:46:25Z	759 B	1.1 kB	142.250.74.6
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.dcocsp.cn	33518	2018-11-07T14:15:36Z	2023-03-13T06:54:43Z	338 B	1.1 kB	47.246.44.225
www17.wellsfargomedia.com	76964	2021-07-19T14:03:45Z	2023-03-13T06:46:23Z	14 kB	492 kB	104.110.27.78
rubicon.wellsfargo.com	11786	2019-12-17T21:15:25Z	2023-03-13T06:46:24Z	1.5 kB	4.3 kB	95.101.10.203
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	8.4 kB	216.58.211.3
tag-wellsfargo.nod-glb.nuance.com	25312	2018-12-12T21:59:35Z	2023-03-11T07:06:55Z	1.5 kB	9.5 kB	8.39.193.5
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	546 B	578 B	216.58.211.4
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	1.1 kB	550 B	142.250.74.110
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	930 B	1.3 kB	142.250.74.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js	186 kB	2023-03-14	2023-03-14
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash b43a6b3a9136ac71a7378f47367eec1d f89e737d3dd3d22838acf864c89c532fe4db01f4 265f167b1afb2f4262791325c1be838ea19361a6eb932a0125d29ac7b5b24fb6 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	281 B	2023-03-07	2023-06-29
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:07:02 Last Seen2023-06-29 15:24:07 Times Seen11 Hash 81e631308ffaca8191e65e8877751a22 21bfc3f12b2f47a693e17856fb4fe1030f2672eb 10a64199e3bf2264d6ac247b5c55f8f6332eefc3e42db9a7c2a5004a5dc37b01 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	64 B	2023-03-07	2024-04-08
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-08 03:26:08 Times Seen57 Hash 2a7270f6787f0239e01ea8dab902b4da 19e78f37d5519902983822ca8bc8d89e2ad334bf a9e82d70d13300dfc269e01d630de6a93d94dbdf3637c7e29cfa6594737e0797 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js	44 kB	2023-03-14	2023-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:19:07 Last Seen2023-04-08 21:00:54 Times Seen56 Hash 11bcbd05ac53cbf0dd82f1bed195baea 64312675432b5b4fc6d84a16d46c07c0594a9c01 a7db8a99c12e3063291c89262e88ef314821ea8789253ac4ab1affec6faae8de Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js	23 kB	2023-03-07	2023-06-29
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-06-29 15:24:08 Times Seen72 Hash f320653366aae1336b9a1c0547ea97b9 8c87c242b3bf13c2558679bd936123a5e6069da5 e02ff12dc676cc581ade44548d917c7df10e14c6a7b6373dbf1b67a7b352108a Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 14:34:04 Times Seen37039753 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.17747632999373664	260 kB	2023-03-14	2023-03-14
Pretty URL connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.17747632999373664 IP 95.101.10.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash 8bd932f6939821ad4b3ea0273138df07 beed631db6c13ed9b482d1a9bf993b318b3d5739 26df1be43cc42d3a8ab96afae492befe4058f18b1de9ad45ec4440e8252ddce6 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js	48 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4875 Hash aeccb854b0a76aa9f478e466c8011b29 625d31cbeb8978cf2419f58d14bba92a42dbb45c 7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6 Loading...

	connect.secure.wellsfargo.com/PIDO/pic.js?r=0.17313502192589025	90 kB	2023-03-14	2023-03-14
Pretty URL connect.secure.wellsfargo.com/PIDO/pic.js?r=0.17313502192589025 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash 0f0ce72e927874e02eb3213f612d5dc7 1a6c9383e838f4c3e41a382e2c6d3ff44736981f ee636c4e0792708fcb4e94a3dc2f12952916f4329d16ce2f4fdff6d4191017b1 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js	59 kB	2023-03-13	2023-03-26
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:20:55 Last Seen2023-03-26 00:17:38 Times Seen11 Hash ccadeb62f2b80857a6d67c44f994b98f 9e3ae47f76f9a9fa982c188cf3299812699415ea e870dac951d28b7ad22960291e4ba5f58f4eddcc694ab9331ac527c19629339a Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	64 B	2023-03-07	2023-03-29
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-29 21:35:42 Times Seen10 Hash e88d65752d67bb0e037e0ffa6f5a1aa4 b81fad1cfeaf6d8f814ce652e5005854568b8dcf 8372d98f256b905a0140ba0e9751f83959948a2e30ac17fa57909d3d0cfd87ed Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js	543 kB	2023-03-14	2023-05-23
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:50:26 Last Seen2023-05-23 04:08:34 Times Seen2177 Hash 2ebe1f343eef1598263831c72bee5d92 3a9a8ba970e54572bfbb11d12039a52157557e39 e2afa6367d38dde83b3c734b10a6235bf0124d908663db531efbcecaab12e61d Loading...

	static.wellsfargo.com/tracking/gb/detector-dom.min.js	440 kB	2023-03-08	2023-04-13
Pretty URL static.wellsfargo.com/tracking/gb/detector-dom.min.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:07 Last Seen2023-04-13 08:50:50 Times Seen267 Hash d980391562cb88335867228eb62355e0 ee7af0c08ee43ff66f6bba09c08852f7b3859a42 313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd Loading...

	static.wellsfargo.com/tracking/ga/ga_conversion_async.js	36 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/ga/ga_conversion_async.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4900 Hash 0a40602db7616a31c9da4548ee920190 878e01cb0c90cb247aabc137327655a6fcffcbd5 6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab Loading...

	connect.secure.wellsfargo.com/auth/static/prefs/atadun.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL connect.secure.wellsfargo.com/auth/static/prefs/atadun.js IP 95.101.10.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 19:43:46 Times Seen4753 Hash 566dda94252f1860a7a28665c715b530 6aa0455dc8ea41441b1f3a733985758dc40af736 43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single	11 kB	2023-03-14	2023-03-14
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash a1b8a8c8b8f73c254903f9298311b500 1d11fe6fb369520f74b0bb7bcf3ee3740379bec5 555264d5e42b6c5ba308ddf558fa1ba7d7dd0222ea4f737efe2e66f1f0e50263 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	408 B	2023-03-14	2023-05-03
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:19:06 Last Seen2023-05-03 16:01:13 Times Seen52 Hash 60b6389c853bda6e687562244dd75f10 8e8aa5a7426e1e0aa09fcf771c216b2fa33408d3 023f7655b3b96900472fe656ec517e96f3f70c38764fe6bc1385924ed2313507 Loading...

	tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk	5.2 kB	2023-03-14	2023-03-29
Pretty URL tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:19:06 Last Seen2023-03-29 22:00:36 Times Seen49 Hash fb34b02059eabec35c27ad209ab20261 f22a0603ea6694c1dc6495f79a5bcbfed9afb73b 206d91c0438baa08a247d2ac57861bae253a1dd748731b877ffb8fc1230f6336 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1675826440001	145 kB	2023-03-14	2023-03-29
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1675826440001 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:19:06 Last Seen2023-03-29 22:00:36 Times Seen49 Hash 2d41ecc79770157f1d74a0e46c8ac6e1 6d8f0185747069f16b2e06671c581e1403eee5c4 d24192c68fc7b25ed34bced06ac7225c81b3396140d1f40074202a7845587ad6 Loading...

	static.wellsfargo.com/tracking/ga/ec.js	2.8 kB	2023-03-07	2024-03-28
Pretty URL static.wellsfargo.com/tracking/ga/ec.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-03-28 17:41:50 Times Seen4661 Hash 0ae62a83927125e9b9dfa97f89af9d3f efb68f49f2b9b6b5567bf26a17015ede289e429d 618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089 Loading...

	connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEA4dGJNd0pmdGhhQVlTS3pxdUpMdnpEQ3BDWEZpQXlpWFlMUUl4SXRCVytvb3F3cFBkTk5wQWlIMmVUcFJPanBKcHJ3ckJiL1JRTGNJRDRKeHRsOEsrS0M5NEloM3p2U1VyNkRTc3BXK1gzUWZsK2ZFcHVkZG1WNndQWWI3OFlOQUxLTC8yT3diV3pLQzJNZjFMbWV4TjlhVjh2YVA5ckVuUnFHamxnc05qRmlNYkxHZHZEOWkva2dVYWlXR3B4eGgvSmt0SHh3NVJpS3Y1ZVB1SFViTjFmbWYvbGpac3d5aGx5RHNURkVuQklDNWRBMFZmZXNMazg5ZlF0MllCTThRSW1wUklML1ZZUnZ1Y3VXRHFiaDRmSEhSM1BCNXpuS1phc05PNFNyVy8xSHQ4b0JsVmpWY2lRPT18MWQ5ODU2NjQ4MDE4MTBlMGQ5NzhkMzQ5ZWM4YzNkMTJjOTQzZDhkOWMxYjc0ZWU1MGQ5MGE5NDZlZTllMWU0OTQ5MTY0ZTlkMGJiZGNhZTlkZjc4MWM3ZDFiNTQ4MDU5ZTg2ODc3YzZjZjdlMjdhOWJiNjQ1MmVmZjBjODlmN2VjMTU3NGVhNjA2ZDFjMWFiMWRkZjRjNjljYTQyMGFkNDI4OTMxNGFhY2Y1NGU2YWY3ZWYyNTFhODc2ZGJjMTkwMmY4MThkYjQwM2E1YmNlMjFmZDJlNjI3ZjY0NjQzMjIzYWVlMGQ1OGIwYzFjNGIzZWQ2YmY0NTVkYjZkNzQxMDc5MjkxODI1ZTNkZDkyZjc5Y2FlOTY3N2JkMTc2Mzk2MjgzMjg2ZWRkZTQ4YTNiMjcxODFkYmVjYzlhODRjNzg4YzA3Y2FkNWNjMzlkNzkxYjZkODBkOGJlN2JjZjM0OTYzMWZiYjhmYTMwMzhiNDYyNDViN2Q4NTkzMTYwNjk3NTFjZGIxOTc3NjI4NGI4YzYwYWNiYTMzYjhjY2I3YTMyNWI4NTIwNjRkYmY2NzQ4ZjFiOGYyMGEyN2E1NDBiODE4NDdhMDZmODIyNzkxYTc5ODE0NTZhZjI4MGJiOWU1NzdjM2NlNWFiNjRiYTMwOTU4OGRiZTIwNzM0NzYwZjZ8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com&t=jsonp&c=ztpr_cpfpwwmlixt&eu=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F	90 B	2023-03-14	2023-03-14
Pretty URL connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEA4dGJNd0pmdGhhQVlTS3pxdUpMdnpEQ3BDWEZpQXlpWFlMUUl4SXRCVytvb3F3cFBkTk5wQWlIMmVUcFJPanBKcHJ3ckJiL1JRTGNJRDRKeHRsOEsrS0M5NEloM3p2U1VyNkRTc3BXK1gzUWZsK2ZFcHVkZG1WNndQWWI3OFlOQUxLTC8yT3diV3pLQzJNZjFMbWV4TjlhVjh2YVA5ckVuUnFHamxnc05qRmlNYkxHZHZEOWkva2dVYWlXR3B4eGgvSmt0SHh3NVJpS3Y1ZVB1SFViTjFmbWYvbGpac3d5aGx5RHNURkVuQklDNWRBMFZmZXNMazg5ZlF0MllCTThRSW1wUklML1ZZUnZ1Y3VXRHFiaDRmSEhSM1BCNXpuS1phc05PNFNyVy8xSHQ4b0JsVmpWY2lRPT18MWQ5ODU2NjQ4MDE4MTBlMGQ5NzhkMzQ5ZWM4YzNkMTJjOTQzZDhkOWMxYjc0ZWU1MGQ5MGE5NDZlZTllMWU0OTQ5MTY0ZTlkMGJiZGNhZTlkZjc4MWM3ZDFiNTQ4MDU5ZTg2ODc3YzZjZjdlMjdhOWJiNjQ1MmVmZjBjODlmN2VjMTU3NGVhNjA2ZDFjMWFiMWRkZjRjNjljYTQyMGFkNDI4OTMxNGFhY2Y1NGU2YWY3ZWYyNTFhODc2ZGJjMTkwMmY4MThkYjQwM2E1YmNlMjFmZDJlNjI3ZjY0NjQzMjIzYWVlMGQ1OGIwYzFjNGIzZWQ2YmY0NTVkYjZkNzQxMDc5MjkxODI1ZTNkZDkyZjc5Y2FlOTY3N2JkMTc2Mzk2MjgzMjg2ZWRkZTQ4YTNiMjcxODFkYmVjYzlhODRjNzg4YzA3Y2FkNWNjMzlkNzkxYjZkODBkOGJlN2JjZjM0OTYzMWZiYjhmYTMwMzhiNDYyNDViN2Q4NTkzMTYwNjk3NTFjZGIxOTc3NjI4NGI4YzYwYWNiYTMzYjhjY2I3YTMyNWI4NTIwNjRkYmY2NzQ4ZjFiOGYyMGEyN2E1NDBiODE4NDdhMDZmODIyNzkxYTc5ODE0NTZhZjI4MGJiOWU1NzdjM2NlNWFiNjRiYTMwOTU4OGRiZTIwNzM0NzYwZjZ8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com&t=jsonp&c=ztpr_cpfpwwmlixt&eu=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F IP 95.101.10.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash c001469c8d5ca600c39083319a936d83 a949e73a110a3c0f3d31a3f6fa5abd4d1d272e59 408d8bcc9f05a3dc365bfdf446a10a2c18955ef45630695c6623812762f81624 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	2.0 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen4778 Hash e7cf4c458b327ab7ed31e0936ccd404f 970bf05073f91ad6b8f21521f7c9886f71f2af1d 52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	66 B	2023-03-08	2024-04-08
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:41:37 Last Seen2024-04-08 03:26:08 Times Seen35 Hash b679714ddcbf292ed8e3d66e056cfbb4 2b741ae2946b86af705a271c5e7231aa3630035b b970e0f8d8f44672e2998d0a366ebb0eee18ac1048a16db57906df6635377762 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	386 B	2023-03-14	2023-03-14
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash 16f19888cbfda16ca2294201b1a0040f 82a5d4b971b72227206ce8b2db0af1d46d10d8bc 8f59b4038a7d7e1a96051753765654a6d3959f79abd5063326510a87353dbef2 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	125 B	2023-03-08	2023-03-26
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:41:37 Last Seen2023-03-26 13:02:55 Times Seen9 Hash 668ad28e78f3c05f20604f4d567e10fd 8b5c217dc88f278a8f74f4b4a33b2426179798e5 2b324682fd8e2393e454b49853d695195f58ab1f35e61ecd69063699d47896b9 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIArf3qGAQAAdhZAtKfX3IciTV6JpcTSMDP3K-XOgxvi-06ggttJp0mVnR5J&X-G2Q3kxs3--z=q	265 kB	2023-03-14	2023-03-14
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIArf3qGAQAAdhZAtKfX3IciTV6JpcTSMDP3K-XOgxvi-06ggttJp0mVnR5J&X-G2Q3kxs3--z=q IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:34 Times Seen1 Hash 468921735dd7ef314258b49abdaf622c d18bf3b340dbb3718c43a6a7523d2632dc575d0c 7555775afa496d2e73ba84b374e15b5278af59661cc1aeb9a6625f5e840b58fd Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js	45 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4864 Hash 5f310e2e2a558d76b916e137aee73462 c7ff0190c9c2c414321211f3863e9e27f32b713e 385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1675826440001	7.1 kB	2023-03-07	2024-03-28
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1675826440001 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-03-28 17:44:18 Times Seen68 Hash 91a3833ccffbae0b31a6cca516216880 9284e1bb265d09e17e10407f280072b9d938bec5 182475449b1dc308c4d183fe50d348ab2f4e882aac99c0945762629c9fe65f9d Loading...

	connect.secure.wellsfargo.com/jenny/nd	54 kB	2023-03-14	2023-03-14
Pretty URL connect.secure.wellsfargo.com/jenny/nd IP 95.101.10.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:34 Times Seen1 Hash 77e66dcd24cbb7a630d951de508bfdd8 6235e5f6a21058a0445e4f41ed7259ac565a2357 5e99738ef7c19c3976100bfadc1ed94bacbfe9325f34437d5f2775bc49be1a4a Loading...

	tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js	28 kB	2023-03-08	2023-06-29
Pretty URL tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:41:37 Last Seen2023-06-29 15:24:08 Times Seen72 Hash fee3c44553151f3adad603f3fbf70081 91e1bf1b18c9b83fa36c17dd1567b85c653a0b12 2ca980db17561aeb7beece18426d664f0ab09675080cb9934f33c941c9bde5b8 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	167 B	2023-03-07	2023-03-29
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-29 21:35:42 Times Seen10 Hash 61a4caf53316d3210230c31c1883b3a3 2afb0e8b8d5f5501975e82f66d7ff35a9af4dad4 2715df517f54ac7a7e5d8ef102321aabfc88c1ee619cff4fcb5909a90aeb14cd Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	49 B	2023-03-07	2023-03-29
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-03-29 21:35:42 Times Seen10 Hash 9dc010e7b56b2574c973fb4ad46b4666 ff941ff2ebba382c97eb9c6241ded33e76b3f8c3 606e34582ec278a9d1f5cff8c942e8e97ecbd117817fbdaa755f8a910dbbd0d8 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	695 B	2023-03-07	2023-03-26
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-03-26 13:09:33 Times Seen18 Hash 899837b2f1e8a81797ae37ad361488d3 0f4abcaeceb40790ea9341b6f43328a983e8428f ab4f57987919925eaadb2fa2eb5e82798300b1b7aaab2066b875f8cded107873 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js	149 kB	2023-03-08	2023-05-10
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:41:37 Last Seen2023-05-10 14:57:32 Times Seen65 Hash 298ef372a1456ccb70ec28a8d34286d5 eb899110cd52492d73700e4f6a8a8b69de1f6c4a 6335202de7afbdb826ddbf8d91220ad146b8d98e4cf14e8d09ab24c3545fe713 Loading...

	static.wellsfargo.com/tracking/ga/ga.js	49 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/ga/ga.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4882 Hash 8402e9ebdf9290c018b0617018227681 2d840fcd6c3008d9aca747ba0ce056b496db8e1b 0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22 Loading...

	connect.secure.wellsfargo.com/AIDO/glu.js	70 kB	2023-03-14	2023-03-14
Pretty URL connect.secure.wellsfargo.com/AIDO/glu.js IP 95.101.10.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash 50d54ce0cfa6116764c98f22fc733f5e 1a424ae30642d95260cccfdbeb8755dc280169a7 bcc07b42aca291e7ff8ed6f1d067d9277d5d3448358377e532df8201658939c9 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1675826440001	447 kB	2023-03-14	2023-03-29
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1675826440001 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:19:06 Last Seen2023-03-29 22:00:36 Times Seen49 Hash 3c5f9a8d09ff96b666eb464705b3ff5e daf0285f502928cd121640ca869703ed13ea0e68 81fa07c2fe994ff809c5fbd7682c4198318d3a71259f487d9557305510a39fe1 Loading...

	static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js	48 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-05-21 08:37:02 Times Seen11 Hash adc6bafd6d346973c15f80f542fa008f ec1f94d5fe65f25d7119488ffc067446b7af82b9 7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb Loading...

	static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	32 kB	2023-03-07	2023-11-04
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-11-04 00:29:39 Times Seen29 Hash 162100f507af8b50f1406bf3fc405ce5 cf0a2bf9b914710962e0dd7899b93ba5ceb5134d e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279 Loading...

	www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/	295 B	2023-03-07	2023-03-26
Pretty URL www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/ IP 163.171.132.220 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-26 13:02:55 Times Seen9 Hash 8f551706a91b8a4740f176a6271a2a3e 768e0f59a50d81e388651e0efcd26659c7424231 655f7384728ebc88dcc672fe093d5fab1ed28f9ca1b5a6004ea9c74edbf5a912 Loading...

	connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js	272 kB	2023-03-14	2023-03-14
Pretty URL connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js IP 95.101.10.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:02:05 Last Seen2023-03-14 08:02:05 Times Seen1 Hash 26e014f3d14908458897f292e818f664 8d7964a7d7e99e0802a3b8c8b7c1ac6477ebb63f d164f5f1d79caa884b9b82433f6d33db869eb468d665218c4301da5d2ed058df Loading...

	static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1	117 kB	2023-03-08	2023-09-21
Pretty URL static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1 IP 95.101.10.152 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:36:56 Last Seen2023-09-21 03:50:16 Times Seen11701 Hash 91c536ff4d2c8db1822702f866e60b08 3370d3721e28923f099da1985f718a88015975aa d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a Loading...

HTTP Transactions (147)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03ba1c19530391f28dcb5c049ab66e99
a1b89c652e5406b1981704d1973ac1c820ec584d
9c78f93d5d5c96391e480ecad78b4a6a30fb33fdc61acc7799fe3401c62a1292

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C78F93D5D5C96391E480ECAD78B4A6A30FB33FDC61ACC7799FE3401C62A1292"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7715
Expires: Wed, 22 Feb 2023 21:17:33 GMT
Date: Wed, 22 Feb 2023 19:08:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
378d97dfed95fd35bca9d8699e56151a
46f96f400be9e5208ccbad84540a7855c9994bef
b86917bafe1d5d6f762dbbe5af0b906ce61e505539b5fe2a1e49b09d500a90c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B86917BAFE1D5D6F762DBBE5AF0B906CE61E505539B5FE2A1E49B09D500A90C6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Wed, 22 Feb 2023 20:44:40 GMT
Date: Wed, 22 Feb 2023 19:08:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 18:38:16 GMT
content-type: application/json
age: 1842
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6854
Expires: Wed, 22 Feb 2023 21:03:12 GMT
Date: Wed, 22 Feb 2023 19:08:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: tATLVh5PztZoNhgnKqniTCTC4hPQ6MQcaqLISlcjXq3oIErDdJjm+QwsZ+z3jwhlSvAao0UblhI=
x-amz-request-id: RNYKXN9PZQ0T0GXE
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 18:48:57 GMT
age: 1201
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 19:08:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Feb 2023 18:20:35 GMT
age: 2904
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea9630f88377d01e5cebab9de9c3b89
18c6603c6e63b79d45031e960dddd31b227f0de5
853e5bb59efe99054d86bbacf7c2f1f2483ad9c05d35cc9d8ea5dd9909cb38fb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853E5BB59EFE99054D86BBACF7C2F1F2483AD9C05D35CC9D8EA5DD9909CB38FB"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3238
Expires: Wed, 22 Feb 2023 20:02:57 GMT
Date: Wed, 22 Feb 2023 19:08:59 GMT
Connection: keep-alive

ocsp.dcocsp.cn/

47.246.44.225

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
5e8ddecfefdb941477e64b9f0b0ea69b
dce5b1348e1ea33d0faecbf4576dd79c70f46e45
07fef617d89012c4c019247e52af179b3eee8e276a26c60227ed08e8d74bec9b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 22 Feb 2023 18:12:41 GMT
Last-Modified: Wed, 22 Feb 2023 14:24:48 GMT
ETag: "63f625b0-1d7"
Expires: Fri, 24 Feb 2023 14:24:48 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1677089561
Via: cache21.l2de2[0,0,200-0,H], cache12.l2de2[1,0], cache5.se1[23,23,200-0,M], cache5.se1[24,0]
Age: 3378
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 22 Feb 2023 19:08:59 GMT
X-Swift-CacheTime: 222
Timing-Allow-Origin: *
EagleId: 2ff62c9916770929396185107e

push.services.mozilla.com/

52.88.80.54

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.80.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TwG18TCTQkOfBZyZZhxG8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1DRlTA1dXHFCyhi/5TVR0t+ckrg=

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/

163.171.132.220

200 OK

18 kB

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1566), with CRLF line terminators
Size
18 kB (17464 bytes)
Hash
a77dea7db0cd968f1b7b7560d8156405
d17cff2820f8c414a8f6fae9af6eed868b042591
e802e4c0b148c8e80da27ca505a2bb5cbc9baa11c4c8aa41e11d482dc0db1759

HTTP Headers

GET /es/biz/ HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 17464
Connection: keep-alive
Expires: -1
Cache-Control: no-cache, no-store, max-age=0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'none'; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-0d76bbdd-a8c4-412c-aafc-f780ca20c110' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Language: en-US
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Akamai-Transformed: 9 20636 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640; Expires=Wed, 22-Feb-2023 19:09:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Wed, 22-Feb-2023 19:09:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Wed, 22-Feb-2023 19:09:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:491115; Expires=Wed, 22-Feb-2023 19:09:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=48C3934C6895D635395789AFEB21D3E6; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=ES; Domain=.wellsfargo.com; Expires=Thu, 22-Feb-2024 19:08:59 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202302221108591972982844; domain=.wellsfargo.com; path=/; expires=19 Feb 2033 19:08:59 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; path=/; Httponly; Secure
WesdAksn=A_xnh3qGAQAA3jW6xGoWeHcZgKOZsN_tb1icmZGwuhokBBgw619JL6bM5A7DAaOrhK2cuDv8wH8AAEB3AAAAAA|1|0|82cfd1c223893df7775176337c31d0b478ee62f6; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=C6BN1qoCLTnfteyYHAFxdVevGeFMpqK5YzphYJoxv6OnQhZXARoP1Vh1vp0xrJ8g; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:23:59 GMT;Httponly; Secure
_abck=FE373531A936D73E4D2DC9891A747D81~-1~YAAQ7GQRAuxpIGCGAQAAT2mHegkKc44usdfwkyHN0RwXRB6DSFLyOF6e5M7ZS+tTc+JO4IbBluJvSMW/ETDI7267kePAeGSuN9tc+DnYtpKG2msbRGoOJDjWnir6TzvvJN8za6ym3r5kAfUWAXEGw7fDvOGQeasFH8dtIWr2C5RfiJhU+rJ3sFmaSXkPo2amH9rjwncY2GPRTH13flLuLDT8vbm/Ks6o8JmNLOnOFoEYp/h8UuofMeGirNfnJzL7iRJf1lUfmDJJqT3cFIf8DbyH1WpHz72FPcpJMYdiquhPmTxa/AQfmdC6iTJHVD9giOeX0zcvq9fphwhCh0MSF6AxOX5Eybz8/2Ogh2Y7QZi7yNKd2BJnbLNv5Ws0vBuI8Q==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:00 GMT; Max-Age=31536000; Secure
bm_sz=40E045638E298AF8F09F28B8EBCCBF62~YAAQ7GQRAu1pIGCGAQAAT2mHehJaejTyVfDbGwfCrxD9DSG1rCfHuAKQ8aXIMBWuxBsfo0XttbVHHfLfRhzlC0Prpjlz1eO0/QxnU+e+BxnuhdAsWLecdilh0ONOl+a94nmEx3Vft0odAxQOlVrQKtGKpHGofZ3rcmBr0EaQJiEOgeWopzMmp54/TQOnrsQEBN/61WpJHAkBl6OSnALEnCQ4nHPhNUmg309akzzUZI4IctOVxlpMcVv7zJI8qOrL6X9sH789cy4Z3SNo7jozjdjnNZY7Up9R5m5RA79M4iGNxfOj1TXC~4474162~4277825; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:08:59 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684b_kf173_44823-12355

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB

163.171.132.220

200 OK

77 kB

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
data
Size
77 kB (76827 bytes)
Hash
0731aed49e7a5f91fb5709a4bd0e4422
da4008d22216595ccbc8137a746e254a43276a09
19d279bd629b636c6ee44d9b44f2d21999c96e3d512afc8e9bd29b15408e8651

HTTP Headers

GET /YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:00 GMT
Content-Type: application/javascript
Content-Length: 76827
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 18:21:55 GMT
ETag: "a4d054b3c16df2c4a9dbc4edbb49f3b1204db88930026ecce705d9beba038a6d"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=eDW9jSk3iJDQvaE6CUz4hw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=1DB55B26A09FF353C2DBEC32C5DB1121~-1~YAAQWaEkF0M8s3SGAQAAQWqHegkknaPx4zCh47fNc2FxHRLK+H5YCYVpIR2MgmCRmI7Qe+pma4ttgG9Hm3+fVSXcjSf3hmHcYsHQfna+W7RR2U50KNdEZSTMlLWL+Kb0BlkcgR0AqOK45nFDGnWn7FgWZD+YHrviSnpKkhwsa0kLAGwRwoK9xCLBr/TLq1qzxsmkhr0aER2h/cSaoBjrPdluEXZixQOPkgnEVmgKvQLnoaEhvR8VaHji/iyjy20DAsXnhesKJ+oXKeWUX1yoOW+275P6IZKIlZcuAl/Mut4o7vzHRKaT/Ej8hheAv3wD6IwfhqRMNV7yIjmKj7djSWdLfSs/ggAgnZf5+cjoDSnMKVqgmpqp8KtU4AfjAXRlFA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:00 GMT; Max-Age=31536000; Secure
bm_sz=06CEB51441C622B1D18FF7D8747551D9~YAAQWaEkF0Q8s3SGAQAAQWqHehI/PE43Vf1TSAbqrjL8A65fmHua7ULaXIKvVTja5zRa37U9P5NrM8pzXh9fm8+VcUX8F1rItwFupPtgGtqpSnhFubwzqKME/TwX1xO02Vp15Y0TuKqhl+EfDskZ6UoXsJzswv2Q9tInwppQWRWhGaL4Ht+EtBrngJsAv3mTtvtid0RbiRpPHan3CcDkySNro828+YLEhbPCVEE1hS5K+8BzFEBpuNZphZXNE3sKOdCFB22hnuvonwxTC0JY8beeM2zf0G0upVH7yTfXI6MbCNPriuix~3749680~3553081; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:00 GMT; Max-Age=14400
X-Via: 1.1 kf182:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44753-18395

www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png

104.110.27.78

200 OK

1.7 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/es/images/rwd/wf_logo_220x23.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1710 bytes)
Hash
c5f6eb132665afa77e8ac7a1a707e951
70d65ab0dcfaace4c1d8bbb772af4fd7c6f66c80
0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac

HTTP Headers

GET /assets/es/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61c392e6-10c2"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1710
content-type: image/webp
cache-control: private, no-transform, max-age=1826575
expires: Wed, 15 Mar 2023 22:31:55 GMT
date: Wed, 22 Feb 2023 19:09:00 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
db332c4af1593a56b0a55597a7ab5cfa
91caca6559177afd0bf1aa6c470ab78ccc0114f9
53af5a8694113c6b33b2819fae7d433fc1719645ad5cf0a10de92283431f00d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:00 GMT
Last-Modified: Wed, 22 Feb 2023 18:11:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
db332c4af1593a56b0a55597a7ab5cfa
91caca6559177afd0bf1aa6c470ab78ccc0114f9
53af5a8694113c6b33b2819fae7d433fc1719645ad5cf0a10de92283431f00d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:00 GMT
Last-Modified: Wed, 22 Feb 2023 18:09:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js

95.101.10.152

200 OK

901 B

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (1952), with no line terminators
Size
901 B (901 bytes)
Hash
5dcc7c101ced74367609685d577093f6
f0d8214335e3c33b634048b992afd536f5bd3e43
10aab16ccfb5374425dc6ee64453a7fe6d7b6dfa47ab65779f42c7db740da1ef

HTTP Headers

GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Wed, 22 Feb 2023 19:09:00 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=VvG1ZznukBGjRBBw9dbuxQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
db332c4af1593a56b0a55597a7ab5cfa
91caca6559177afd0bf1aa6c470ab78ccc0114f9
53af5a8694113c6b33b2819fae7d433fc1719645ad5cf0a10de92283431f00d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:00 GMT
Last-Modified: Wed, 22 Feb 2023 17:56:25 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 471

static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js

95.101.10.152

200 OK

17 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (48287)
Size
17 kB (16778 bytes)
Hash
a75fd8e10b107df2ef26038f1783ac4e
b27d8fc62fd83f944d638b93140ec05bd050ded4
9baeb568dd185db9aeaefd009c3778e3fe04b59acfa6c04fe96bdf608c8f2299

HTTP Headers

GET /assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 13 Aug 2022 13:50:11 GMT
Vary: Accept-Encoding
ETag: W/"62f7ac13-bcef"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 16778
Date: Wed, 22 Feb 2023 19:09:00 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=hkMzmsTRk0Ew3CzH1MpGHg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/css/publicsite-ui/ps-global.css

163.171.132.220

200 OK

27 kB

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/css/publicsite-ui/ps-global.css
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
27 kB (26797 bytes)
Hash
08c956c88fba02057c9b8ab759f1273b
87fd624f96f7947f502c402da63b1d5a9cb998f6
08a6005eed62aea31f8f7614d430ce53afc0d7eb54292a6cd4d1ef401a94bcd4

HTTP Headers

GET /ui/css/publicsite-ui/ps-global.css HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:00 GMT
Content-Type: text/css
Content-Length: 26797
Connection: keep-alive
Expires: Wed, 22 Feb 2023 19:39:00 GMT
Last-Modified: Thu, 09 Feb 2023 02:16:10 GMT
ETag: "63e4576a-3354c"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VMdgflkfFRA2wp48:1 (Cdn Cache Server V2.0), 1.1 kf173:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44898-11158

static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js

95.101.10.152

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (31790)
Size
11 kB (11076 bytes)
Hash
6d79a0dbc6ea2602aa38bbf53e43124e
8b53e45df3e4aea81cbfaa90081f6795bcfe39fc
d2aa003ecdd6c31e12964104bd23498a60e94fa2d163c6d1ff285db59f61bb6a

HTTP Headers

GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 12 Feb 2022 17:58:28 GMT
Vary: Accept-Encoding
ETag: W/"6207f544-7c61"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 11076
Date: Wed, 22 Feb 2023 19:09:00 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=XgbVyYUslcvlgftuay22Dg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js

163.171.132.220

200 OK

59 kB

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/ui/javascript/publicsite-ui/ps-global.js
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Size
59 kB (59178 bytes)
Hash
4e3050a0b6c1a9297591be6a373a9666
6ae031bcc80ff8e93bb8279308a0f7b74426270d
13454f8874de5d7bd01611aa64f93b577b15acf432c32e13d791c6768d53c147

HTTP Headers

GET /ui/javascript/publicsite-ui/ps-global.js HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:00 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 59178
Connection: keep-alive
Expires: Wed, 22 Feb 2023 19:39:00 GMT
Last-Modified: Thu, 09 Feb 2023 02:16:10 GMT
ETag: "63e4576a-2d564"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VMdgflkfFRA2wp48:6 (Cdn Cache Server V2.0), 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44898-11159

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single

163.171.132.220

200 OK

4.3 kB

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (9269)
Size
4.3 kB (4278 bytes)
Hash
121ba4b8ea40d083bb0dc79febfb1160
47a224610cb485819348370af4d0ab784d235dd2
9676899dc5e51cda0aea0c951b25a42694a0bbbea7141ea18f2a0734c7e74edc

HTTP Headers

GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:00 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4278
Connection: keep-alive
Content-Encoding: gzip
Expires: Wed, 22 Feb 2023 19:09:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A65rh3qGAQAAS5TYo0UXhsr6-Yja7Al92Sl7F8e9dYiznWBwhZoedCeS-XrQAaOrhK-cuDv8wH8AAEB3AAAAAA|1|0|8ca4c7049203c9a6a7225402da11c1d01fefd43a; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=XTEwfBiw9sC4VgeeVGyB%2fQV%2f4rYGpb+uLhA4jDhO8Ek%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:00 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44823-12378

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8332
Expires: Wed, 22 Feb 2023 21:27:52 GMT
Date: Wed, 22 Feb 2023 19:09:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8332
Expires: Wed, 22 Feb 2023 21:27:52 GMT
Date: Wed, 22 Feb 2023 19:09:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8332
Expires: Wed, 22 Feb 2023 21:27:52 GMT
Date: Wed, 22 Feb 2023 19:09:00 GMT
Connection: keep-alive

www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png

104.110.27.78

200 OK

49 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48569 bytes)
Hash
4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39

HTTP Headers

GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15067733
expires: Wed, 16 Aug 2023 04:37:53 GMT
date: Wed, 22 Feb 2023 19:09:00 GMT
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7550b880-8dc3-4409-a3b3-1239677d1950.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7550b880-8dc3-4409-a3b3-1239677d1950.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8357 bytes)
Hash
778cd40a592cf457fb9eb33a7b75d352
28ccd5897ab8c35a117f9205621780c20b656186
af48694bb6429a4556af1ad410b5b551341db0e78565838ac9bc964fe11a660c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7550b880-8dc3-4409-a3b3-1239677d1950.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8357
x-amzn-requestid: 2b32517e-a1b4-4e49-a1bd-d190cdab17a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXaEGCnIAMFWVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5390c-34c389e528b2eda763b78f87;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KJ3zCBnoG2d3Y_NPDkllFInsnvbxt1nJFSbV4Q3oex54qFjuNuqW8g==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:51:40 GMT
etag: "28ccd5897ab8c35a117f9205621780c20b656186"
content-type: image/jpeg
age: 76640
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg

104.110.27.78

200 OK

10 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9976 bytes)
Hash
ca681b00aa436514987423d22b468eb6
c1b8a3e0db433f5a97109f7990600ac5a5b93928
19c66e4af0264cc18866db864876cbe240b42688f2fecf1fd7443c3ea71acbc3

HTTP Headers

GET /assets/images/contextual/responsive/hpprimary/wfi_ph_gettyimages-691573493_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61fc441a-17f0e"
last-modified: Thu, 14 Jul 2022 02:03:05 GMT
server: Akamai Image Manager
content-length: 24624
content-type: image/webp
cache-control: private, no-transform, max-age=1805785
expires: Wed, 15 Mar 2023 16:45:25 GMT
date: Wed, 22 Feb 2023 19:09:00 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Size
22 kB (22424 bytes)
Hash
0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

HTTP Headers

GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=8608402
expires: Fri, 02 Jun 2023 10:22:22 GMT
date: Wed, 22 Feb 2023 19:09:00 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644e40db-f353-42c8-b8f3-a3d61b067916.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7733 bytes)
Hash
81c0d076a45e9141fd7bbca61d5c0cee
989a1ed5045736130244544586ec5ae24b4e77dc
d3d4ecc39dc8ed3086d6d79f17fe4e01b4ba21a3a221f9d0efe31de04a0cb08e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644e40db-f353-42c8-b8f3-a3d61b067916.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7733
x-amzn-requestid: 33d1af39-36ea-4fb8-b451-67dd5a1a6e56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW0oEz-IAMFv7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5381d-3bb7c95c1dafdad70dfd9add;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wl8fHBpXq76Cpk1yrIGZeX9hMS1Z1vrsfDp2GgUNywxyILZ9Uyl9Zg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:38 GMT
age: 76702
etag: "989a1ed5045736130244544586ec5ae24b4e77dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dacef7f-d2f8-4689-8e99-f6264cd88f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
bb6757305388dc32866ee6c551938c4c
4eab046e0d4f23d91db4a56b8d6d8cde782e2e47
dc0a93e777b2aaf3f3881539de1de15015bcedc2445b8f5558d04a822399bae4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dacef7f-d2f8-4689-8e99-f6264cd88f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 8983434d-4704-4792-a9b6-625c7d6160f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXYfGJAIAMF3Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53902-21e200522022d8bf513f1b19;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sgZN-g6_WvLn71OFwGttHTZnHRg7VvYXkcdhOl6ta8-vr-SeLlDiIw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:41 GMT
age: 76699
etag: "4eab046e0d4f23d91db4a56b8d6d8cde782e2e47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7734 bytes)
Hash
e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4p_3GsIf-LsYLyJFnNh6FQO9q9kHTViRECnpKSnV1xkkZ_PybwmZeg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:51:45 GMT
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
age: 76635
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553b0a8d-06cc-4780-9968-7b736bee389a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6568 bytes)
Hash
ee922cb933c0bc613eeaa2848bbd98cb
4f887e701f08a13865d95e7adda6907b3b27ce61
9f3bde9200e4462408a2d43f521a3b36a7323e05d025a8726cbf11adac16a8a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553b0a8d-06cc-4780-9968-7b736bee389a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6568
x-amzn-requestid: 9be53abd-7500-4d29-a749-2793cc50cbec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW1cHlnoAMFnNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53822-005cdc347b9d25bd00164dc2;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bGWDlx_fIC5sOBf9gA8-g5ffclCZE-uR7M-CUtTabnK48KB7NsQl_Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:42 GMT
age: 76698
etag: "4f887e701f08a13865d95e7adda6907b3b27ce61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2

104.110.27.78

200 OK

23 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Size
23 kB (22600 bytes)
Hash
83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

HTTP Headers

GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=8608406
expires: Fri, 02 Jun 2023 10:22:26 GMT
date: Wed, 22 Feb 2023 19:09:00 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Size
22 kB (22172 bytes)
Hash
f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

HTTP Headers

GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=8451579
expires: Wed, 31 May 2023 14:48:39 GMT
date: Wed, 22 Feb 2023 19:09:00 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Size
22 kB (21636 bytes)
Hash
1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc

HTTP Headers

GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=8608391
expires: Fri, 02 Jun 2023 10:22:11 GMT
date: Wed, 22 Feb 2023 19:09:00 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/hp/utag.js

95.101.10.152

200 OK

55 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/hp/utag.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (14989)
Size
55 kB (54869 bytes)
Hash
325fd5c1e9f3b04b500aa0a5214d9219
8adc6878a065c03ca375c03e509b1124e2d737db
a55e9e2d4fd5dbf0eb3a9437ce9fc2bcdd94e12693be87fcc0546aff39c4be98

HTTP Headers

GET /tracking/hp/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 13 Feb 2023 21:04:13 GMT
Vary: Accept-Encoding
ETag: W/"63eaa5cd-32385"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54869
Date: Wed, 22 Feb 2023 19:09:00 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=M0aq5QLVsMTqZbcXz+J4Yw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&cb=1677092939927&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&cb=1677092939927&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&cb=1677092939927&event=PageLoad&pid=tcm:703-225258-64&ptid=tcm:703-223694-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fbiz%2F&clist=702-228795-16~91-2829-32|84-224686-16~91-2049-32|703-6793-16~91-223645-32|283-192509-16~91-223645-32|283-148263-16~91-223645-32|283-38072-16~91-223645-32|84-226264-16~91-223649-32|84-233306-16~91-223645-32|84-226382-16~91-223645-32|283-226516-16~91-223647-32|283-244189-16~91-236597-32|283-226480-16~91-226306-32|283-224785-16~91-223660-32|283-235016-16~91-223671-32|283-238621-16~91-228642-32|283-226262-16~91-223669-32|283-225008-16~91-223650-32|283-247102-16~91-244420-32|283-225025-16~91-223650-32|283-225026-16~91-223650-32|283-225027-16~91-223673-32|283-226514-16~91-223668-32|283-226635-16~91-223675-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:00 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=u2DSAhm0b1Z28aiI92EKJYFyp%2f4WkTVoVB3r+t5EIpA%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:00 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44753-18405

static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js

95.101.10.152

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (43411)
Size
14 kB (13794 bytes)
Hash
2071856c9449aac2fcb613d4c0e1c7e1
8988bca8cd8ea6bf8b70e3a44afccd14d36f76ba
428e3a0b9fc1e90cdc9b21b2dacf3d1b9b0b044e1d9ebb44614a699bcf42f2d3

HTTP Headers

GET /assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 08 Feb 2023 04:05:49 GMT
Vary: Accept-Encoding
ETag: W/"63e31f9d-a9c5"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 13794
Date: Wed, 22 Feb 2023 19:09:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=5qbShrhisqZHJ6157I+UJw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css

95.101.10.152

200 OK

2.7 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2671 bytes)
Hash
5257c2e188d24ddc00cc92573e5f2cfb
3526eb21d812e9ebfcb3514cc2ff9ad53abe442e
ae7a3a2c2db5a1dc74814e5001e439aeeae648e3b31cdb7474856dc52ea0b223

HTTP Headers

GET /assets/js/wfui/ndep/css/nuance-c2c-button.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 14 Jul 2021 10:08:23 GMT
Vary: Accept-Encoding
ETag: W/"60eeb797-2bb3"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2671
Date: Wed, 22 Feb 2023 19:09:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ZiO9n8Eqz4qdYIHz7yspPA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js

163.171.132.220

200 OK

308 kB

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65357)
Size
308 kB (308145 bytes)
Hash
09692edc541783c3d9e1fffdd645c70e
a0dc9751050cc567a7f7f7732116e16a1117989f
1fded794298268e8997cff93efa597bb60d71528d3e8ca4af840a7dd38a64e11

HTTP Headers

GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:01 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Wed, 22 Feb 2023 19:09:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=BQYX4Gl0yxQRo%2fDrLWuVTLIi8hKuHctN1oIxsLJogEY%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:00 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44898-11175

static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css

95.101.10.152

200 OK

505 B

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF, LF line terminators
Size
505 B (505 bytes)
Hash
e2966fedd68930d5281a2ed6ea61c0d3
1ede5572cf49f251c212abdbd6f2df4bb48de1fe
c2ef5abb39d304068b5476114ebc952a97c091ea59348c8ba3adeadc715976ad

HTTP Headers

GET /assets/js/wfui/ndep/css/nuance-chat.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 17 Nov 2020 14:00:34 GMT
Vary: Accept-Encoding
ETag: W/"5fb3d782-52b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 505
Date: Wed, 22 Feb 2023 19:09:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=A+cXPJAkJ0eya6Yhu7sQeg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIArf3qGAQAAdhZAtKfX3IciTV6JpcTSMDP3K-XOgxvi-06ggttJp0mVnR5J&X-G2Q3kxs3--z=q

163.171.132.220

200 OK

150 kB

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIArf3qGAQAAdhZAtKfX3IciTV6JpcTSMDP3K-XOgxvi-06ggttJp0mVnR5J&X-G2Q3kxs3--z=q
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
150 kB (149540 bytes)
Hash
78a3b7e4a45314966d22cba1f7284ddf
e6bf10e58f066c5f35bc6475228d83ff58e6e798
2e63b9d550cdb32dae9a297dad36d8b404f3e398a8da284282af8bee31f3017b

HTTP Headers

GET /auth/login/static/js/general_alt.js?async&seed=AIArf3qGAQAAdhZAtKfX3IciTV6JpcTSMDP3K-XOgxvi-06ggttJp0mVnR5J&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:01 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Wed, 22 Feb 2023 19:09:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A31sh3qGAQAAwcWVfuEQE1t6Agt5m0wLGug4HwMkVNE7HF2kdsBVZZlNkPzZAaOrhK-cuDv8wH8AAEB3AAAAAA|1|0|8c33bea8b8e8429bd895c3ad0cc98b9b2e78bbe5; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=AyM6eHaAOd5KSRIbgkPimHTMoGx86LvwE+0IyfnbcAo%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:00 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44898-11173

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/as/target/offers/conversations

163.171.132.220

200 OK

660 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/as/target/offers/conversations
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with very long lines (1269), with no line terminators
Size
660 B (660 bytes)
Hash
eddd800fe706806e131e873e36b03e26
1d50686f551bb6e445e6173664b5a657de2de661
279560f7692cd7497812036cba2a7fb454111f3d6a92a4851bedefc3f0be6740

HTTP Headers

POST /as/target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 103
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:491115; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:01 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 660
Connection: keep-alive
Content-Security-Policy: default-src 'none'; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-7f0696d5-b3f8-484e-be05-cb72a5eeb929' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:a1713d49-d625-4bd4-bfa3-33fd156fb640|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:491115; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a; Expires=Wed, 22-Feb-2023 19:09:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Wed, 22-Feb-2023 19:09:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Wed, 22-Feb-2023 19:09:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Wed, 22-Feb-2023 19:09:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:90; Expires=Wed, 22-Feb-2023 19:09:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=05B98DDB060DEF6A32EFB6739CA63AA7; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Thu, 22-Feb-2024 19:09:01 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202302221109011819921545; domain=.wellsfargo.com; path=/; expires=19 Feb 2033 19:09:01 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=yYLvk49MtWZWVzugAOPCAe9MI5KvUt4fk8XlQ1CA9eQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:00 GMT;Httponly; Secure
_abck=470B73167BA92563F92DED2136D53014~-1~YAAQjtAXAoAYEXGGAQAA226HeglqOTgxYYQFjgYRBFo9ZYbG5ONvnoxLbU4jCrwac6uOIWwMv4TZQ6kqsWippPl+MSFQo5G8R6ayy7jUFKPs4ZX8Wm77t8C0efn/jCGzASsVdS/ugDxZC8KOJd37I/TIX5fozku4hv0UuXng/7l/AmmXRQLJFiJOkHwDAxGCmZv+HHuoLKB3Yf0eBuJgG+plGBKIsEAs7IUx5N3iCUHTZy1hL29GzikJNS4OjG2rVNl7e+qVdALlcusqv8l7rEdjL9rErWNeEwlubk1hMURyEyST+AokDsgJQVBVyd3Y+6zwFkXH6mj4VMyZaZGWYyMd9nulos4BU2Nfs+A9gSVq/WMbC2PidX2yghwHX9YR4w==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:01 GMT; Max-Age=31536000; Secure
bm_sz=BEBED17CD0D3D476CE964643CE98300E~YAAQjtAXAoEYEXGGAQAA226HehI6SqN3nYe4G1KSfwB/nBY5So58jdgS93pipd0xh4YEO0prOkbRTtHXMxDHfbBWL4LAEP9ZuRbd5q3s8A4fXOM92gtUv1mLqA4M2SLIlk56MEEtcqc/2p9vIHO5UusdzBmwuQrAvkf4+DAtVwrNe76W6gs1/1talt5KfacXLHpP7jY04H1xp8R6+PfCir/ssYk71AplI6o50DJo6a1s6tdF9Xlk8Q0Li+pEOPep9mfsaQxOCDx3lclqu+XrO+TNLidt/+DMWl6OyZA3JRge0OFJ+o6/~3749680~3553081; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:00 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf182:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684c_kf173_44835-19607

www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico

104.110.27.78

200 OK

9.2 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
9.2 kB (9198 bytes)
Hash
cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c

HTTP Headers

GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=65684
expires: Thu, 23 Feb 2023 13:23:45 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png

104.110.27.78

200 OK

1.0 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
ISO Media, AVIF Image\012- data
Size
1.0 kB (1012 bytes)
Hash
4febe8c61db195a61e1bf6366a2dba1e
6b66fc1349bd2d08b0d9046a2f0c33d1b2925534
964596930b998b90463258b346ce36d991a0f28e7054770a1decfff35a9cda0c

HTTP Headers

GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6116f9a6-dcf"
last-modified: Tue, 17 Jan 2023 06:26:40 GMT
server: Akamai Image Manager
content-length: 1012
content-type: image/avif
cache-control: private, no-transform, max-age=1771336
expires: Wed, 15 Mar 2023 07:11:17 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB

163.171.132.220

201 Created

18 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

POST /YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2366
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:1$_ss:1$_st:1677094741786$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 201 Created
Date: Wed, 22 Feb 2023 19:09:01 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=vTe9nf624z7f1xmuJ%2feFAA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=vTe9nf624z7f1xmuJ%2feFAA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=7DB19608931F8FC2C50477CD3B0D4E7C~-1~YAAQWaEkF308s3SGAQAApG+HegnmjRJNQ5ceUWMZmT9PfTAevhDrePq0DHC1EAcA80xluHiHNR2GKA87cOqRlpvT0gVYSFM+QIAAsc7o321sO3wE9fhXzx0csI8uaTNacOEBXqAOSsHPQxtL+6L1SsanI773deZFUu4zPDz1PKd0mV9xA4JdxFF7XxrfFuKUbcGo63Q/BhGeKyWxDsbn4wodOfwS20MH2d8Xm1W8dSpAnxlW3bhD/D7dvNCPoiEdPsp3R5ghdeIswS0nusG6QxUSe8GVbRhHgxm5b6uSwNmLba4g1os+dVfz9VM/3SD+ovw4isCLZgvByo0MB4WgX/f2VGIoFNg6r3mn3qirKwKZ1CRPezwi5nA+FNXa/9EKZQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:01 GMT; Max-Age=31536000; Secure
bm_sz=C6B0F3F8E5FE12E24648788EBC413DF0~YAAQWaEkF348s3SGAQAApG+HehLW2N76FbcWbFNaRG+Rtz974HMgbkVNThlnGTZb2adHD4PpZ0YjWkbJwfmVnIKL0VURE1oV/jdHsv+B6qsJT0/le85t6d9mC4Thwv4s+od/rDsRPHp3N26uNIxHTRhEaGSH8xJd+AQzefJbuvG6tRIWURho1T91LiNHYSE9YIart+T4bBEWfy69dgHX7xys+z9z4LyyRKlhNi2y2p6VU5GJ8zT197aAQimEBNadDnY7KS86f34XLZw7GQhA7JY374Gisvn3fIAHqqN1nCWjTXiNilen~3420464~3158341; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:01 GMT; Max-Age=14400
X-Via: 1.1 kf182:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684d_kf173_44898-11199

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js

95.101.10.152

200 OK

35 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (306), with CRLF line terminators
Size
35 kB (35227 bytes)
Hash
6b6e25186e12dddab5cfc7e3eaf88138
b10a74c86e7fa78e2c8a7b3797bcfaf7ccc717e7
c626e63ae020f2dff5a3dd67681ef69d4fb334218d325321dabfa5e206586602

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 09 Nov 2022 04:37:55 GMT
Vary: Accept-Encoding
ETag: W/"636b2ea3-24709"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 35227
Date: Wed, 22 Feb 2023 19:09:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RQv6V9rFL0NYnom4gdaBNA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js

95.101.10.152

200 OK

5.6 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (928), with CRLF line terminators
Size
5.6 kB (5649 bytes)
Hash
00e6f77045d9c92840a490cfcdc9ff6a
22f273b66fe0c5d43cf747fb9868b0904d5ee4b8
4d144f941f05ff42f2a818328b7524c6d3f2b6efc1fe93a09794af14ad262f6c

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan-c2c.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 05:41:26 GMT
Vary: Accept-Encoding
ETag: W/"62317886-590b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5649
Date: Wed, 22 Feb 2023 19:09:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ycIeCntazsfnFQCJXVYhFQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png

104.110.27.78

200 OK

1.0 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
ISO Media, AVIF Image\012- data
Size
1.0 kB (1041 bytes)
Hash
687712193c942b67bb57377576a56d0f
86148c04aba6a18960ab985d7a90e11c17dc3b36
59bd7dd508d7560483b79bfd3db688a487c70620d5d8994d646695c837cbf6a7

HTTP Headers

GET /assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_checking_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c48-957"
last-modified: Mon, 13 Feb 2023 08:26:35 GMT
server: Akamai Image Manager
content-length: 1041
content-type: image/avif
cache-control: private, no-transform, max-age=1775722
expires: Wed, 15 Mar 2023 08:24:23 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/cyber_1700x700.jpg

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/cyber_1700x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x423, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
22 kB (21760 bytes)
Hash
cadf7def5368f8ab7907884394fe8f97
3bb30552e9ea05489085603c20f8bf41c0dfc6b5
4d875bd85c1eec04e7ce696786fb41228cb81be3dcec951f8870b59662fc0ef5

HTTP Headers

GET /assets/images/contextual/responsive/hpprimary/cyber_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "633de465-15094"
last-modified: Thu, 06 Oct 2022 14:36:47 GMT
server: Akamai Image Manager
content-length: 21760
content-type: image/webp
cache-control: private, no-transform, max-age=2132163
expires: Sun, 19 Mar 2023 11:25:04 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png

104.110.27.78

200 OK

1.4 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.4 kB (1436 bytes)
Hash
0880265bd118920fd1ca18eabb29c528
49602ee1485b1f4055635d42c568546e13aa8c90
37dd0a3404af3c62777281c147d144378dd6809620e531e58a17423abc057c38

HTTP Headers

GET /assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-platinum_79x49.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6335f9d5-1a8f"
last-modified: Mon, 03 Oct 2022 02:02:07 GMT
server: Akamai Image Manager
x-serial: 1888
x-check-cacheable: YES
content-length: 1436
content-type: image/webp
cache-control: private, no-transform, max-age=1611925
expires: Mon, 13 Mar 2023 10:54:26 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png

104.110.27.78

200 OK

2.5 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2520 bytes)
Hash
01695377e69f7063e1550746495c81f5
609ec8ee8dd28f128f0477b6147817750c9b341e
5c9d48467771247548445209a10047ced732d2da276c072f4c6c5a483405c944

HTTP Headers

GET /assets/images/rwd/icons/marketing_belt_icons/icn-marketing-belt-cash-hand_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61c275a2-103b"
last-modified: Thu, 14 Jul 2022 02:03:01 GMT
server: Akamai Image Manager
content-length: 2520
content-type: image/webp
cache-control: private, no-transform, max-age=1926191
expires: Fri, 17 Mar 2023 02:12:12 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png

104.110.27.78

200 OK

1.4 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.4 kB (1350 bytes)
Hash
cc3d77556283919af04e0641e3e37250
1e96a649e7cb434597082cc204b050127e36e8f8
21c8d2fc781f13fb45ae4208b353c983d49d41c3505e94e29b5c1d5c31e19c68

HTTP Headers

GET /assets/images/rwd/photography/product/small-business/card/fatnav/cc-business-elite_79x49.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6335f9d8-1bfd"
last-modified: Sun, 18 Dec 2022 17:40:21 GMT
server: Akamai Image Manager
x-serial: 1005
x-check-cacheable: YES
content-length: 1350
content-type: image/webp
cache-control: private, no-transform, max-age=1516846
expires: Sun, 12 Mar 2023 08:29:47 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png

104.110.27.78

200 OK

1.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1648 bytes)
Hash
b6865ccc7a6df08112ed1669824be71c
1a51df486fd125ee8a966115a1373e4b34e49c11
f33f804c40891284e0c3afcd509b199e56f3a2821fcc2f83f60aa66cf60ba305

HTTP Headers

GET /assets/images/rwd/icons/marketing_belt_icons/icn_marekting_belt_credit_card_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61c275a2-9d0"
last-modified: Thu, 14 Jul 2022 02:03:02 GMT
server: Akamai Image Manager
content-length: 1648
content-type: image/webp
cache-control: private, no-transform, max-age=1805628
expires: Wed, 15 Mar 2023 16:42:49 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png

104.110.27.78

200 OK

1.9 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.9 kB (1930 bytes)
Hash
2fd7f8c24576c73072097bf2e6259185
0fbda4c7e3b800aec15fea0539ad703ae61d6046
144529be2df1a6a4bbcbd82b300cd99b256fea8a768d3488f8080f4c0a908260

HTTP Headers

GET /assets/images/rwd/icons/marketing_belt_icons/icn_marketing_belt_touchless_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61c275a2-bde"
last-modified: Thu, 14 Jul 2022 02:03:01 GMT
server: Akamai Image Manager
content-length: 1930
content-type: image/webp
cache-control: private, no-transform, max-age=1516792
expires: Sun, 12 Mar 2023 08:28:53 GMT
date: Wed, 22 Feb 2023 19:09:01 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg

104.110.27.78

200 OK

35 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x502, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
35 kB (34606 bytes)
Hash
539b8a50b31186a56fc5f1ab1297ea78
575c94d22bac962bf0417f00c9539f28ad6296f0
bdb5cb84e084b4f210b9d4d961ed3c47d650e48d5010d6eeeba0a06338ca5988

HTTP Headers

GET /assets/images/contextual/responsive/lpromo/matchmaker_woman_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61c4837f-1857e"
last-modified: Thu, 14 Jul 2022 02:03:06 GMT
server: Akamai Image Manager
x-serial: 322
x-check-cacheable: YES
content-length: 34606
content-type: image/webp
cache-control: private, no-transform, max-age=1795539
expires: Wed, 15 Mar 2023 13:54:41 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg

104.110.27.78

200 OK

33 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
33 kB (33186 bytes)
Hash
65a51929096fa18d4bb06f2a29891a75
d34df0eb676d584af89dfc2b6e022b4910b90cc0
d67a289220cf94e6d81eefe14a1a911aeeff5010229d78c409fe55761f2d8108

HTTP Headers

GET /assets/images/rwd/photography/616x353/man_tablet_flower_shop_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62a189aa-d24b"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 33186
content-type: image/webp
cache-control: private, no-transform, max-age=1793957
expires: Wed, 15 Mar 2023 13:28:19 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg

104.110.27.78

200 OK

55 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
55 kB (54586 bytes)
Hash
a974c3d7e7eec33c0b3a6a51bc5dda5b
e3c5e2e739d51f334183573016c9e00de421bed5
ca43102cb524defb85fcf58b1236f271a8c02303e3e4e1df6351273867576cce

HTTP Headers

GET /assets/images/rwd/photography/616x353/2_woman_cafe_folder_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62a189aa-11d15"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 54586
content-type: image/webp
cache-control: private, no-transform, max-age=1805661
expires: Wed, 15 Mar 2023 16:43:23 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg

104.110.27.78

200 OK

26 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
26 kB (25792 bytes)
Hash
e004488f9fb67721f39390f524ad5c78
24a7cf417462d429cc72dc5ea55873c4cdeef796
1b422aeb872e1f5c9a0c4ea9db41f1022d6c38a83d7e5e806d1ca6741ab3be6a

HTTP Headers

GET /assets/images/rwd/photography/616x353/food_truck_card_insert_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62a189a9-b2b6"
last-modified: Thu, 14 Jul 2022 02:02:38 GMT
server: Akamai Image Manager
content-length: 25792
content-type: image/webp
cache-control: private, no-transform, max-age=1805636
expires: Wed, 15 Mar 2023 16:42:58 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/Navtive_App_Phone_Personal.png

104.110.27.78

200 OK

15 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/Navtive_App_Phone_Personal.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
15 kB (15388 bytes)
Hash
42f3bed043f7a3b4c585c74b98e35499
16d8482ca3e416cb9203f15bd0c0faa82e622327
ecfea4fcc40f95576acdf90df879a5bed9a1c481a69c127d940c616e5332cc98

HTTP Headers

GET /assets/images/rwd/Navtive_App_Phone_Personal.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61a934dd-41c5b"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 15388
content-type: image/webp
cache-control: private, no-transform, max-age=1804921
expires: Wed, 15 Mar 2023 16:31:03 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg

104.110.27.78

200 OK

26 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
26 kB (25762 bytes)
Hash
ce943ec0868d0b5769548025730ebb06
31d26f01d9a1e62d683b1165bec3d6e5b5310093
be1ec3a15be24dbd2904218e9def59d04b54bdca02738ee718a55823572f179a

HTTP Headers

GET /assets/images/rwd/photography/616x353/woman_kitchen_tablet_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62a189a8-c00f"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 25762
content-type: image/webp
cache-control: private, no-transform, max-age=1805684
expires: Wed, 15 Mar 2023 16:43:46 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg

104.110.27.78

200 OK

25 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
25 kB (25094 bytes)
Hash
11d5c849b66051138628a9cbe63132fd
7b30e03cf2ba108867c248ecdc8207bd6a4bb80c
ba5375591bbba655a050fea8fb3c9dfa7561d09a102c7b4a987999cc7b4ddb0d

HTTP Headers

GET /assets/images/rwd/photography/616x353/man_woman_shoes_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62a189a9-d12c"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
content-length: 25094
content-type: image/webp
cache-control: private, no-transform, max-age=1776241
expires: Wed, 15 Mar 2023 08:33:03 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg

104.110.27.78

200 OK

33 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 616x353, components 3\012- data
Size
33 kB (32871 bytes)
Hash
816d65c2758ff533fa6e21801daeb1e6
08e4d8044b39ddbef43651cb29b371c450e651c1
72137441f0a479553ec1c095ac9f20ae25a6a1a631f910415ea2e18eb367f2bd

HTTP Headers

GET /assets/images/rwd/photography/616x353/man_computer_paper_shop_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62a189aa-a3e7"
last-modified: Thu, 14 Jul 2022 02:02:38 GMT
server: Akamai Image Manager
x-serial: 510
x-check-cacheable: YES
content-length: 32871
content-type: image/jpeg
cache-control: private, no-transform, max-age=1657505
expires: Mon, 13 Mar 2023 23:34:07 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2330 bytes)
Hash
cd43a2d200f1b8eec84495408eb299f0
2eb173b0af9b49b634e0645a96931f5fdf6e3ab3
659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8

HTTP Headers

GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-9f2c"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
x-serial: 858
x-check-cacheable: YES
content-length: 2330
content-type: image/webp
cache-control: private, no-transform, max-age=1772172
expires: Wed, 15 Mar 2023 07:25:14 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg

104.110.27.78

200 OK

34 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 616x353, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
34 kB (33632 bytes)
Hash
58ede609c8abd3ba38aa9d0e8de3298e
b2236e0ac30a78ef74c1db03a331f2cdc78dbf34
8e7880330ef42f2dd950fea1001a6124574a5a03afc384b88a2b744b9875fbb5

HTTP Headers

GET /assets/images/rwd/photography/616x353/woman_computer_writing_mugs_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "62a189a8-e4dd"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 33632
content-type: image/webp
cache-control: private, no-transform, max-age=1764414
expires: Wed, 15 Mar 2023 05:15:56 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png

104.110.27.78

200 OK

2.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2340 bytes)
Hash
2f9e97870725142046712437d067b97f
bf8db685193835edea05ac95e5671b24e0f49467
50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0

HTTP Headers

GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-cf3e"
last-modified: Thu, 14 Jul 2022 02:02:39 GMT
server: Akamai Image Manager
content-length: 2340
content-type: image/webp
cache-control: private, no-transform, max-age=1688716
expires: Tue, 14 Mar 2023 08:14:18 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png

104.110.27.78

200 OK

2.1 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2092 bytes)
Hash
bf02d082705f06162b2e73f68602e79e
219dbb45081fa5d8663bad2f96e9066e7f17aa6e
10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64

HTTP Headers

GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-7b35"
last-modified: Thu, 14 Jul 2022 02:02:36 GMT
server: Akamai Image Manager
x-serial: 416
x-check-cacheable: YES
content-length: 2092
content-type: image/webp
cache-control: private, no-transform, max-age=1772336
expires: Wed, 15 Mar 2023 07:27:58 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/homepage/position-4-bg-gradient.png

104.110.27.78

200 OK

2.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/homepage/position-4-bg-gradient.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.6 kB (2594 bytes)
Hash
1626a2f9535a10e8d076cab3de0df78f
4c2c4d82a3d4b49457a8a17a345c07c9617202fd
3fbf3b0d590832220370ac5dd608fa737315363f163967c6671d228bd3161084

HTTP Headers

GET /assets/images/homepage/position-4-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "61619278-ea13"
last-modified: Thu, 14 Jul 2022 02:02:46 GMT
server: Akamai Image Manager
x-serial: 1250
x-check-cacheable: YES
content-length: 2594
content-type: image/webp
cache-control: private, no-transform, max-age=1871588
expires: Thu, 16 Mar 2023 11:02:10 GMT
date: Wed, 22 Feb 2023 19:09:02 GMT
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/gb/detector-dom.min.js

95.101.10.152

200 OK

132 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65434)
Size
132 kB (131829 bytes)
Hash
73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7

HTTP Headers

GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tNGBFNVnN++xy7AnkZnh8w%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d946f390988dce190ab0217e162971c4
29fad973e20c47e9350fc099fd8fb79d9cd38663
63cc8e3076d9fc00667fe78eeb07f6d8ca8f086e633402ce823ba4f637b6f2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3172
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:02 GMT
Last-Modified: Wed, 22 Feb 2023 18:16:10 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

95.101.10.152

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=rrw7%2fnaswblM4GATHkACOA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1677092942769

34.255.210.6

200 OK

321 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1677092942769
IP
34.255.210.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Size
321 B (321 bytes)
Hash
4e8b7af8b9ab92a3cb5d4640c36eda94
734f476fb29421e4af209789995b87830aa7b446
6134ea92e30b45b675f35cbf5ace0cefc5842dfdee8ed9d0974b442e21076fe7

HTTP Headers

GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1677092942769 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v046-0a5fb53d3.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=44686516900761603092140126977187739718; Max-Age=15552000; Expires=Mon, 21 Aug 2023 19:09:02 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: RJHpaqB7Qlk=
Content-Length: 321
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
163c8181e30654cf3a22ef443bfd48f9
488b03bc71663793ef4554ff50d92eb442dbf5e4
0a121b53f9e072b09fac40bff72c9cef706b0469552562f3f55b76c5f4000b00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 19 Feb 2023 20:38:02 GMT
Expires: Sun, 26 Feb 2023 20:38:01 GMT
Etag: "488b03bc71663793ef4554ff50d92eb442dbf5e4"
Cache-Control: max-age=350338,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79da038909b5b4e8-OSL

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA

163.171.132.220

200 OK

179 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
bcf3fa13a68025c010248298028216b3
90f5131d31996707a1e449c338ca2e3dd3c97265
c15c29d7d14f46b8b1ed121f5888dedf55a8cbcdbf3e507615e0d188ec2f4cc4

HTTP Headers

POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Content-Type: multipart/form-data; boundary=---------------------------37023084985418373403873648371
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Content-Length: 169
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:1$_ss:1$_st:1677094741786$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=109112245; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 179
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
X-Akamai-Transformed: 9 175 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=M2JoZwPmcH8+YpfEv161OKGAlHiIMsZv0Tt7tV0onjj9slDjReI%2fyMCZ4uUfUVc8; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
_abck=852B8ED3E8D8201D953DF8B067FF6101~-1~YAAQWaEkF5g8s3SGAQAA03GHegnssqKVWcuezre+uDRVa4NpeXLRaajscDFy3vEEHBkBWqEf1F6N7A2YBHBGzbH9RlVJlVF7ZU4YZRl/p5FbKP4a3tOteNry2qVvXcAB7ypO23ANM2e4XrpWxzEduKOHBtFr07IG2Qzm4KqdKX1lB1sTSe1U2vGU+wW3nhmZVcgMsehdM6jdkfKdkxUk6MG4AaDbI8hBZbbVHjdVv71LLIKkajWpW/2dUVTpV4vzHeh2nB5Xlcw1RodixO/8fcIhWRQ7XxGtdHGX0WwFWPJHwSAOgmDvkSnG82Mbs5tUoq0bhtjfaIo3NhyLh+H8IryB3JI39DUo4PbGpFjpB7XSiNP/g95MwneEcxeUYF6Seg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:02 GMT; Max-Age=31536000; Secure
bm_sz=0D82A7DE127CA80CCB144975D5A04873~YAAQWaEkF5k8s3SGAQAA03GHehKRcpR7PI2OleFJFf1YOv7Q7rUfz0CjIGz2S6YvDKTmaAFOofpEBeIwCOhe41cztLTzPwA4PbzkOBeGz5+SsNpTly4DkAXR06GiRpeZXsyNGaMci0JU/mwtwjND1RReSIDOiROnVzRgi/AL4MrOt0bXPXzc5zxoXky5f94i0mUzXEsj4sP/iPvAOxga7tFo4x5QGfSd0fUDYZS76KFWdNdfSs9Pwu7R1L7OKblOorkXInmpTq2za3UShb/yI5ZBID47XpX3WCVdlhYVAoPDAv8Q9HDN~3552065~4403257; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:02 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44898-11206

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB

163.171.132.220

201 Created

18 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

POST /YkTH3X8OT3kZi2ZDd_Bql8xhjSY/1Q3hwzbwui/MhN8fVdRQQY/WDMAHlx/1EgIB HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2364
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:1$_ss:1$_st:1677094741786$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=109112245; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 201 Created
Date: Wed, 22 Feb 2023 19:09:02 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=OFWpYQwjk7WGeZq7yjQWwg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=OFWpYQwjk7WGeZq7yjQWwg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=5C40C0CCD8D0D87CA2A7C5192A9C8AC7~-1~YAAQWaEkF508s3SGAQAA63GHegnl8rWaMAAgbj0oEwBVH1GNiz7Y4AsovBwjN4I9/0u+OXe81zt0HT0CI08Y4eBpl4HISgLb9scYEm/EO0C9iCk6OV8AgvqtR8xOQiDs2vXkQ6n0bNteLKeYxrQIyS1yz8aI0BT9QcvM5SWsp2KCmgNfKLjw2znu1Gxcspo54T5sbrvs+SeyPho/YLQZIUauomIX7NgafKGRjHa4iupeYBbRV1xw50omdtq07i2g9yh/QbshhkFCFGLz82BNr2Tjwus27uAl8Yh6qMlgAVTbQZ6ZNw8yemI+wMvj719d3Dgh98TBJgbYNe6XQha3WJOqF7/Z+YMDiP1Lbyu9lGSDVooHgzbP8D+zEZ5s1fb9CQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:02 GMT; Max-Age=31536000; Secure
bm_sz=B6537B17E5A7DB3BD253702F41A69465~YAAQWaEkF548s3SGAQAA63GHehKZn12GNHfY7b33Li6hwH6fFgZqWrYyV4kk+77Vm+XngvRfO+yeLUWcDgwyVQZYps92rzbCoTWw8qWvno8V2yNbEwxEsl4HbFHQigl3qRxqaLi1lWYktv0xPqjyltf1CHu0/0u3khLdO8fopJVTCzwxfjD8b5xNAk7lOXuat4PbKxQhjqS+3yBXG5+AsvWmEOEd/Z9vMqeo+s8+QT0AL92ydEaRIa5ExqZ5qD6g+eyOy1tlY18yUJnW7Lzq3zoNke1jx5g/Y2zHhVR/QAifeSMo+uZV~3552065~4403257; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:02 GMT; Max-Age=14400
X-Via: 1.1 kf182:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44898-11214

dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=44717565381874962302143233820118418005&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202302221108591972982844%011&ts=1677092942953

34.255.210.6

200 OK

321 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=44717565381874962302143233820118418005&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202302221108591972982844%011&ts=1677092942953
IP
34.255.210.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Size
321 B (321 bytes)
Hash
8fe9968ac58714b77e88d8d783a78607
283e3ca913eb9e1d5e2431ec07887b87e51c1bc6
e0fb230b50eb16facfb1f8c03c962802557a1298d27b693bceade18b2aa11d7a

HTTP Headers

GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=44717565381874962302143233820118418005&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202302221108591972982844%011&ts=1677092942953 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v046-06d22350d.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=27094124433594322992024033906866201075; Max-Age=15552000; Expires=Mon, 21 Aug 2023 19:09:02 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: +AcicpBRQkk=
Content-Length: 321
Connection: keep-alive

api.rlcdn.com/api/identity/idl?pid=1317

34.120.133.55

451 Unavailable For Legal Reasons

0 B

URL HTTP/2
api.rlcdn.com/api/identity/idl?pid=1317
IP
34.120.133.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/identity/idl?pid=1317 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 451 Unavailable For Legal Reasons
date: Wed, 22 Feb 2023 19:09:02 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

95.101.10.152

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
14 kB (14304 bytes)
Hash
3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=h0PrT360OTw0lK+SVXhpng%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
163c8181e30654cf3a22ef443bfd48f9
488b03bc71663793ef4554ff50d92eb442dbf5e4
0a121b53f9e072b09fac40bff72c9cef706b0469552562f3f55b76c5f4000b00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 19 Feb 2023 20:38:02 GMT
Expires: Sun, 26 Feb 2023 20:38:01 GMT
Etag: "488b03bc71663793ef4554ff50d92eb442dbf5e4"
Cache-Control: max-age=350338,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79da0389eabcb4e8-OSL

static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1

95.101.10.152

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=OPx6CT65x1I%2fBL8rj42ThA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153

95.101.10.152

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ukb4QSQOL8HAhIQXfGyYRQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569

95.101.10.152

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65507), with CRLF line terminators
Size
45 kB (45055 bytes)
Hash
02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4

HTTP Headers

GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=0QSNwYQssUdiHMtcs%2fob+Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1677092942780

34.255.210.6

200 OK

317 B

URL HTTP/1.1
wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1677092942780
IP
34.255.210.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (587), with no line terminators
Size
317 B (317 bytes)
Hash
98111cea987a48da25ed9684bec37f6b
284ce247a5a12ac79c18aa97a301229ccc0b9720
e3fe50136940152698bb4b9d9ae23ecf62b39f5a57d0e027267ae2f2bb10e1a0

HTTP Headers

POST /event?d_dil_ver=9.5&_ts=1677092942780 HTTP/1.1
Host: wellsfargobankna.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 377
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v046-05db1e5fa.edge-irl1.demdex.com 15 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=44686516900761603092140126977187739718; Max-Age=15552000; Expires=Mon, 21 Aug 2023 19:09:02 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: Ss4nfxB+S3I=
Content-Length: 317
Connection: keep-alive

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20%3A0&_cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86&pv=2&f_cls_s=true

95.101.10.203

200 OK

1.2 kB

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20%3A0&_cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86&pv=2&f_cls_s=true
IP
95.101.10.203:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (5109), with no line terminators
Size
1.2 kB (1189 bytes)
Hash
bf47e0780749c07cdaebccad607e13bd
f48d7d6508e3498cce2bf18642557c82169c1ce9
b0795e041ef5c15264b57a365302d79f03244729a386a4ae225e7c4d6f6736ef

HTTP Headers

GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20%3A0&_cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1189
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=de760e43; Secure; SameSite=None;HttpOnly;Secure
_cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!qdnf/xxmb98RYw4q/D2JHXmrrcNtCw0CF2jIC4PpDbXWvyqBDC9dkf4CVXcNH2JAO+eTj/JdAby2FA==; path=/; Httponly; Secure
DCID=fSOmBlSNO+Y8PaTVkLqkt0PVnv694P6c1w%2f1YOw0vc3rzNdujf36kV7RMphSgDie; Domain=rubicon.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

static.wellsfargo.com/tracking/ga/ga_conversion_async.js

95.101.10.152

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (35846)
Size
14 kB (13593 bytes)
Hash
42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f

HTTP Headers

GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=FjZgEglg27lztEKKdEZBGQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

connect.secure.wellsfargo.com/auth/static/prefs/atadun.js

95.101.10.194

200 OK

607 B

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP
95.101.10.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
607 B (607 bytes)
Hash
00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9

HTTP Headers

GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 22 Feb 2023 02:28:08 GMT
Vary: Accept-Encoding
ETag: W/"63f57db8-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Content-Length: 607
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=R77sq7hLGdNLRCg89xJrdpgushiXqSU12Tmd%2fVsgaH4%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
99833367490dd4a0b1fe074db23fbaa0
f5195f40f27dc45e7dfc323a8f5e0c546be2f6ca
0e4a4c91d19b35385a72a41c0b2b9bf64ec4e9b064c6230de863985d935239c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.wellsfargo.com/tracking/ga/ga.js

95.101.10.152

200 OK

20 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ga.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (49163)
Size
20 kB (19477 bytes)
Hash
d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b

HTTP Headers

GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=vOVkUk3HZSThskuYNQ8LIQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

95.101.10.152

200 OK

16 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (599)
Size
16 kB (15970 bytes)
Hash
18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=UHfEK0Ih8KJaAlkgxYLpZw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

2549153.fls.doubleclick.net/activityi;src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F?

142.250.74.6

200 OK

319 B

URL HTTP/2
2549153.fls.doubleclick.net/activityi;src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F?
IP
142.250.74.6:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (556), with no line terminators
Size
319 B (319 bytes)
Hash
e0405099ae004b39023d570d41a1135c
b88159c3a14d0630a644fde0264c83e2fc071806
d449ebd4277445f9a0e4d992f7ed444c9ac1d918f5b4b3248721f8eb0daa33c8

HTTP Headers

GET /activityi;src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F? HTTP/1.1
Host: 2549153.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 19:09:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 319
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Feb-2023 19:24:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
99833367490dd4a0b1fe074db23fbaa0
f5195f40f27dc45e7dfc323a8f5e0c546be2f6ca
0e4a4c91d19b35385a72a41c0b2b9bf64ec4e9b064c6230de863985d935239c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.secure.wellsfargo.com/AIDO/glu.js

95.101.10.194

200 OK

37 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/AIDO/glu.js
IP
95.101.10.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (37182 bytes)
Hash
72a93b294eabee41ddb3d8f8c741227e
254b05b32ffa0e0e0d4cdbeab5fcd9eacf782f0f
3c57bdd5f1e3e67da60f731f7d6a3108137364756e56e51ed43ac6a432385bed

HTTP Headers

GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37182
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=dv1InFn3KE+HDnu6csyJiq9HDQhlfuB3YqtxglQlsWM%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

static.wellsfargo.com/tracking/ga/ec.js

95.101.10.152

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/ec.js
IP
95.101.10.152:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (2771)
Size
1.3 kB (1313 bytes)
Hash
8a1d22ba0de1104dcdc02a582b407ed2
e4d90fd13a73c7379c46b197ded523a5d33c69b9
4a44a1a7efd65360f31e0b1842ad06b7fedc7c0373c69c0077c696cd49cc35de

HTTP Headers

GET /tracking/ga/ec.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=q0e4L+eZr+lHbkslDk4xew%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.52B103&_cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0&_cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86&pid=dacef58a-ef7b-4631-a3a4-7ba3346132ac&sn=1&cfg&pv=2&aid=

95.101.10.203

200 OK

1.2 kB

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.52B103&_cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0&_cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86&pid=dacef58a-ef7b-4631-a3a4-7ba3346132ac&sn=1&cfg&pv=2&aid=
IP
95.101.10.203:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (5109), with no line terminators
Size
1.2 kB (1189 bytes)
Hash
bf47e0780749c07cdaebccad607e13bd
f48d7d6508e3498cce2bf18642557c82169c1ce9
b0795e041ef5c15264b57a365302d79f03244729a386a4ae225e7c4d6f6736ef

HTTP Headers

POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.52B103&_cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0&_cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86&pid=dacef58a-ef7b-4631-a3a4-7ba3346132ac&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2940
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=de760e43; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1189
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Wed, 22 Feb 2023 19:09:02 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=de760e43; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!t3Upna+Kc8YfL5fpnNE5eVRfS7HzYxDcfN6Gsbyw001Y0cSYb6Rs3xcrNu+uV1suYl+Gktk2ynH46w==; path=/; Httponly; Secure
DCID=cKnhm0FvliGqz5KssxHiRc%2f6nygHrlkC8eZ8Phhd5f8hBvz7fBwz8ttPWJinNtTT; Domain=rubicon.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
67d0353e59411ba1f85c492efa548d94
2bb48dd2638abb14217de43ca03d2485a31eb7e7
c50c81dc979238b0bfea29f69cc5b4e6277e06c407025412430c190acf1e8d29

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1132212410&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1160322440&gjid=1608119852&cid=1982397452.1677092944&tid=UA-107148943-1&_gid=639952882.1677092944&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202302221108591972982844&cd12=BROWSER&cd22=hp&cd23=4.49.0&gtm=2ou8g0&cd35=1982397452.1677092944&z=1891711908

142.250.74.110

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1132212410&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1160322440&gjid=1608119852&cid=1982397452.1677092944&tid=UA-107148943-1&_gid=639952882.1677092944&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202302221108591972982844&cd12=BROWSER&cd22=hp&cd23=4.49.0&gtm=2ou8g0&cd35=1982397452.1677092944&z=1891711908
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j92&aip=1&a=1132212410&t=pageview&_s=1&dl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&ul=en-us&de=UTF-8&dt=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=4GBACUALBAAAAC~&jid=1160322440&gjid=1608119852&cid=1982397452.1677092944&tid=UA-107148943-1&_gid=639952882.1677092944&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202302221108591972982844&cd12=BROWSER&cd22=hp&cd23=4.49.0&gtm=2ou8g0&cd35=1982397452.1677092944&z=1891711908 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
date: Wed, 22 Feb 2023 19:09:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943519&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-254032-16%7Etcm%3A91-223657-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943519&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-254032-16%7Etcm%3A91-223657-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943519&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-254032-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Nhw4vmMUgi6YBikWWlYuRjhbxfsZwXoLxbCd4MOUHOyzQCqzHLont7aDHlTyOh+u; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44823-12448

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
67d0353e59411ba1f85c492efa548d94
2bb48dd2638abb14217de43ca03d2485a31eb7e7
c50c81dc979238b0bfea29f69cc5b4e6277e06c407025412430c190acf1e8d29

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943505&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-226516-16%7Etcm%3A91-223647-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943505&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-226516-16%7Etcm%3A91-223647-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943505&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A283-226516-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=50FG+TlSxfl2bFf74k2X3phXk66rTbJ7ArBLzOHlv604saxjE8L2VuldYYY3xiEp; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44898-11226

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943524&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbcybersecurityrsvp_bishhipprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254032-16%7Etcm%3A91-223657-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943524&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbcybersecurityrsvp_bishhipprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254032-16%7Etcm%3A91-223657-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943524&offerType=iaRendered&slotId=WF_BIZ_HP_PRIMARY_BNR&offerId=B_oth_sbcybersecurityrsvp_bishhipprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254032-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Tp%2flb6LDH6%2foK1vkNtYpN5yjlxtktqVjmaRkdKWBkKs%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44793-17899

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6671ce3ac5f7d6c10a7b2888d21c80a3
28df37c42d5683df1bbe0c97c765d79a0522c4c9
e9025f881d175f1bf218970c07d0c599d96ee01e0757410e3889b1d543d7fd7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1982397452.1677092944&jid=1160322440&gjid=1608119852&_gid=639952882.1677092944&_u=4GBACUAKBAAAAC~&z=1441532727

64.233.164.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1982397452.1677092944&jid=1160322440&gjid=1608119852&_gid=639952882.1677092944&_u=4GBACUAKBAAAAC~&z=1441532727
IP
64.233.164.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1982397452.1677092944&jid=1160322440&gjid=1608119852&_gid=639952882.1677092944&_u=4GBACUAKBAAAAC~&z=1441532727 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Feb 2023 19:09:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943510&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943510&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943510&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A283-226480-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=wWX9hSKSX9KKuf7wvkVPiBfwQQMmrfD0i3gWNp7NpPo%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44753-18463

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943515&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943515&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943515&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-226451%7Etcm%3A84-1029-2 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=P68oKLnl%2fmMTrLfPE98c1tIseWi6UE0xZ%2fuV+MEOist96NN2QlT4mk2uK6xjE76L; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44835-19638

connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

95.101.10.194

200 OK

51 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP
95.101.10.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (51217 bytes)
Hash
682f7bbfd584e1e143278e948dfc1ab9
9b4a0db5f4fc331ac73f8e439daf670be8506b44
c66584e8c6daeb0f4239e27ce6d9b774de2703596df86d5991c1119322bf59cd

HTTP Headers

GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"63f57db8-168e"
Last-Modified: Wed, 22 Feb 2023 02:28:08 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 22 Feb 2023 19:09:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A0xxh3qGAQAAbROZ4QoLEDIo_M9Q57HOMnLGQ1IENaMju-8b_AyXmO2-0fhcAVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|73d21872003f371f7d668b889478891582cc9100; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=fHTkj0kViXCPKu4dlkn15CGcl2SuAmIfpKAlX+OnOmkSwbBRPtYHuOBGuofvGXgL; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943463&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943463&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943463&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=GNK4ZeDr3%2fGvIAXEqC2ydsYwx%2fbsMDCSrqNA0%2fH4lIk%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684e_kf173_44898-11225

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6671ce3ac5f7d6c10a7b2888d21c80a3
28df37c42d5683df1bbe0c97c765d79a0522c4c9
e9025f881d175f1bf218970c07d0c599d96ee01e0757410e3889b1d543d7fd7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943529&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238607-16%7Etcm%3A91-228643-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943529&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238607-16%7Etcm%3A91-228643-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943529&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238607-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=UEk%2fq6XlhJ5hbH3P098MyXsScls7ej+oEXsNL9irOSuYI8qI7xsSxF0xliz03cbL; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44823-12466

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5a9e54f54243639a31020050bfc7fb55
c49766d67bea2ce07bd3c925d42897ab992f94e2
26b96bbdd02ca9498d5c7a4b970ebbec31039db95a2ce6e5a6ff665c73023a8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F

172.217.21.162

200 OK

321 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (555), with no line terminators
Size
321 B (321 bytes)
Hash
06b74bc7943f17cf2517c1c34016c464
ea3b0e20f004a7e2ab0a10e6ecd957c02be2107d
a7b1097841fae02f3fc839796717323feabda50dfb03e12b9e9f340222d4406b

HTTP Headers

GET /ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2549153.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 19:09:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
76bdd1086fc1f162b376484c8a78f3a3
e24da9bf88141201065217f1b892f950eea3f020
7c3e80252d074e0e8a85dcfc784d84f3dfad1ccf35b5c92c51c2191067b3e002

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Server: ECS (amb/6BAB)
Content-Length: 471

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943551&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943551&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943551&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=z9H3WZ+Xh9rVC03n842a%2fAYSVlOyv%2fKwlVFNxRsk2Zyi0LPo8Y2qgXT0z43vwjs5; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44898-11233

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5a9e54f54243639a31020050bfc7fb55
c49766d67bea2ce07bd3c925d42897ab992f94e2
26b96bbdd02ca9498d5c7a4b970ebbec31039db95a2ce6e5a6ff665c73023a8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943536&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943536&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943536&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238608-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=mR5KRk8MtaXABEfGlK5VfOuwAzbRCvJzfuDO9R1kSsHgpTyp6pSbLjjaBpLV1tCI; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44793-17902

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943533&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943533&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943533&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=W5gIyW6Y2ePkyeM4PEJ7iC3zux80NBhPDLZS6o5+TGo%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44898-11231

tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005

8.39.193.5

200 OK

266 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
266 B (266 bytes)
Hash
a671bc4e541aadc71fd7812d93af15e7
3b8c76ac113e54f3d413e09807f3661c72d0f6b5
ef16255038c7c5847295c3c434243418d898b7b40a9095aeeb65e3ddb7579383

HTTP Headers

GET /tagserver/nuanceChat.html?UUID=WF_10006005 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+6ZNxP/6RTk"
Last-Modified: Wed, 18 Jan 2023 03:46:21 GMT
Accept-Ranges: bytes
Content-Type: text/html; charset=utf-8
Content-Length: 266
Date: Wed, 22 Feb 2023 19:09:03 GMT

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9e631564b05f045a9526cc86939e21f1
cae8545524104bb6b7149eb8a953c2dbf9c8feba
ac1ec56ea2cef144bbda4ba3a1895156c3991dd517b59067e1d33f6a1cb3c263

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4749
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Last-Modified: Wed, 22 Feb 2023 17:49:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9e631564b05f045a9526cc86939e21f1
cae8545524104bb6b7149eb8a953c2dbf9c8feba
ac1ec56ea2cef144bbda4ba3a1895156c3991dd517b59067e1d33f6a1cb3c263

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5759
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Last-Modified: Wed, 22 Feb 2023 17:33:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEA4dGJNd0pmdGhhQVlTS3pxdUpMdnpEQ3BDWEZpQXlpWFlMUUl4SXRCVytvb3F3cFBkTk5wQWlIMmVUcFJPanBKcHJ3ckJiL1JRTGNJRDRKeHRsOEsrS0M5NEloM3p2U1VyNkRTc3BXK1gzUWZsK2ZFcHVkZG1WNndQWWI3OFlOQUxLTC8yT3diV3pLQzJNZjFMbWV4TjlhVjh2YVA5ckVuUnFHamxnc05qRmlNYkxHZHZEOWkva2dVYWlXR3B4eGgvSmt0SHh3NVJpS3Y1ZVB1SFViTjFmbWYvbGpac3d5aGx5RHNURkVuQklDNWRBMFZmZXNMazg5ZlF0MllCTThRSW1wUklML1ZZUnZ1Y3VXRHFiaDRmSEhSM1BCNXpuS1phc05PNFNyVy8xSHQ4b0JsVmpWY2lRPT18MWQ5ODU2NjQ4MDE4MTBlMGQ5NzhkMzQ5ZWM4YzNkMTJjOTQzZDhkOWMxYjc0ZWU1MGQ5MGE5NDZlZTllMWU0OTQ5MTY0ZTlkMGJiZGNhZTlkZjc4MWM3ZDFiNTQ4MDU5ZTg2ODc3YzZjZjdlMjdhOWJiNjQ1MmVmZjBjODlmN2VjMTU3NGVhNjA2ZDFjMWFiMWRkZjRjNjljYTQyMGFkNDI4OTMxNGFhY2Y1NGU2YWY3ZWYyNTFhODc2ZGJjMTkwMmY4MThkYjQwM2E1YmNlMjFmZDJlNjI3ZjY0NjQzMjIzYWVlMGQ1OGIwYzFjNGIzZWQ2YmY0NTVkYjZkNzQxMDc5MjkxODI1ZTNkZDkyZjc5Y2FlOTY3N2JkMTc2Mzk2MjgzMjg2ZWRkZTQ4YTNiMjcxODFkYmVjYzlhODRjNzg4YzA3Y2FkNWNjMzlkNzkxYjZkODBkOGJlN2JjZjM0OTYzMWZiYjhmYTMwMzhiNDYyNDViN2Q4NTkzMTYwNjk3NTFjZGIxOTc3NjI4NGI4YzYwYWNiYTMzYjhjY2I3YTMyNWI4NTIwNjRkYmY2NzQ4ZjFiOGYyMGEyN2E1NDBiODE4NDdhMDZmODIyNzkxYTc5ODE0NTZhZjI4MGJiOWU1NzdjM2NlNWFiNjRiYTMwOTU4OGRiZTIwNzM0NzYwZjZ8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com&t=jsonp&c=ztpr_cpfpwwmlixt&eu=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F

95.101.10.194

200 OK

90 B

URL HTTP/1.1
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEA4dGJNd0pmdGhhQVlTS3pxdUpMdnpEQ3BDWEZpQXlpWFlMUUl4SXRCVytvb3F3cFBkTk5wQWlIMmVUcFJPanBKcHJ3ckJiL1JRTGNJRDRKeHRsOEsrS0M5NEloM3p2U1VyNkRTc3BXK1gzUWZsK2ZFcHVkZG1WNndQWWI3OFlOQUxLTC8yT3diV3pLQzJNZjFMbWV4TjlhVjh2YVA5ckVuUnFHamxnc05qRmlNYkxHZHZEOWkva2dVYWlXR3B4eGgvSmt0SHh3NVJpS3Y1ZVB1SFViTjFmbWYvbGpac3d5aGx5RHNURkVuQklDNWRBMFZmZXNMazg5ZlF0MllCTThRSW1wUklML1ZZUnZ1Y3VXRHFiaDRmSEhSM1BCNXpuS1phc05PNFNyVy8xSHQ4b0JsVmpWY2lRPT18MWQ5ODU2NjQ4MDE4MTBlMGQ5NzhkMzQ5ZWM4YzNkMTJjOTQzZDhkOWMxYjc0ZWU1MGQ5MGE5NDZlZTllMWU0OTQ5MTY0ZTlkMGJiZGNhZTlkZjc4MWM3ZDFiNTQ4MDU5ZTg2ODc3YzZjZjdlMjdhOWJiNjQ1MmVmZjBjODlmN2VjMTU3NGVhNjA2ZDFjMWFiMWRkZjRjNjljYTQyMGFkNDI4OTMxNGFhY2Y1NGU2YWY3ZWYyNTFhODc2ZGJjMTkwMmY4MThkYjQwM2E1YmNlMjFmZDJlNjI3ZjY0NjQzMjIzYWVlMGQ1OGIwYzFjNGIzZWQ2YmY0NTVkYjZkNzQxMDc5MjkxODI1ZTNkZDkyZjc5Y2FlOTY3N2JkMTc2Mzk2MjgzMjg2ZWRkZTQ4YTNiMjcxODFkYmVjYzlhODRjNzg4YzA3Y2FkNWNjMzlkNzkxYjZkODBkOGJlN2JjZjM0OTYzMWZiYjhmYTMwMzhiNDYyNDViN2Q4NTkzMTYwNjk3NTFjZGIxOTc3NjI4NGI4YzYwYWNiYTMzYjhjY2I3YTMyNWI4NTIwNjRkYmY2NzQ4ZjFiOGYyMGEyN2E1NDBiODE4NDdhMDZmODIyNzkxYTc5ODE0NTZhZjI4MGJiOWU1NzdjM2NlNWFiNjRiYTMwOTU4OGRiZTIwNzM0NzYwZjZ8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com&t=jsonp&c=ztpr_cpfpwwmlixt&eu=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP
95.101.10.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
c001469c8d5ca600c39083319a936d83
a949e73a110a3c0f3d31a3f6fa5abd4d1d272e59
408d8bcc9f05a3dc365bfdf446a10a2c18955ef45630695c6623812762f81624

HTTP Headers

GET /AIDO/vyHb?d=ZW5jZEA4dGJNd0pmdGhhQVlTS3pxdUpMdnpEQ3BDWEZpQXlpWFlMUUl4SXRCVytvb3F3cFBkTk5wQWlIMmVUcFJPanBKcHJ3ckJiL1JRTGNJRDRKeHRsOEsrS0M5NEloM3p2U1VyNkRTc3BXK1gzUWZsK2ZFcHVkZG1WNndQWWI3OFlOQUxLTC8yT3diV3pLQzJNZjFMbWV4TjlhVjh2YVA5ckVuUnFHamxnc05qRmlNYkxHZHZEOWkva2dVYWlXR3B4eGgvSmt0SHh3NVJpS3Y1ZVB1SFViTjFmbWYvbGpac3d5aGx5RHNURkVuQklDNWRBMFZmZXNMazg5ZlF0MllCTThRSW1wUklML1ZZUnZ1Y3VXRHFiaDRmSEhSM1BCNXpuS1phc05PNFNyVy8xSHQ4b0JsVmpWY2lRPT18MWQ5ODU2NjQ4MDE4MTBlMGQ5NzhkMzQ5ZWM4YzNkMTJjOTQzZDhkOWMxYjc0ZWU1MGQ5MGE5NDZlZTllMWU0OTQ5MTY0ZTlkMGJiZGNhZTlkZjc4MWM3ZDFiNTQ4MDU5ZTg2ODc3YzZjZjdlMjdhOWJiNjQ1MmVmZjBjODlmN2VjMTU3NGVhNjA2ZDFjMWFiMWRkZjRjNjljYTQyMGFkNDI4OTMxNGFhY2Y1NGU2YWY3ZWYyNTFhODc2ZGJjMTkwMmY4MThkYjQwM2E1YmNlMjFmZDJlNjI3ZjY0NjQzMjIzYWVlMGQ1OGIwYzFjNGIzZWQ2YmY0NTVkYjZkNzQxMDc5MjkxODI1ZTNkZDkyZjc5Y2FlOTY3N2JkMTc2Mzk2MjgzMjg2ZWRkZTQ4YTNiMjcxODFkYmVjYzlhODRjNzg4YzA3Y2FkNWNjMzlkNzkxYjZkODBkOGJlN2JjZjM0OTYzMWZiYjhmYTMwMzhiNDYyNDViN2Q4NTkzMTYwNjk3NTFjZGIxOTc3NjI4NGI4YzYwYWNiYTMzYjhjY2I3YTMyNWI4NTIwNjRkYmY2NzQ4ZjFiOGYyMGEyN2E1NDBiODE4NDdhMDZmODIyNzkxYTc5ODE0NTZhZjI4MGJiOWU1NzdjM2NlNWFiNjRiYTMwOTU4OGRiZTIwNzM0NzYwZjZ8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com&t=jsonp&c=ztpr_cpfpwwmlixt&eu=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Wed, 22 Feb 2023 19:09:03 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=f5ppL9nYCHWPQzTMxqiTDctZIXawygdOjQw8joXUB4yJ%2fB2SeFV+I4RcQdlbZPHY; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
_abck=BFE48A77F9852A3FE968C22C0E32D312~-1~YAAQvgplX1qC6ieGAQAAmHaHegmGRSeAcdpuvxY2pbMbybYVW7LNQ5D7A7Ji8I1v4RjgO9WSXQFR1PtjaLRZFZL5KENOXLXkRoKFAhVwQdxsAPiawUx+0shZW3JrWA476JxYB6rGLPYk01CGpQQDWoRmZUHD1oKU8GPZiRR5L0YCxhZ3miwvgqmHJA9CGsAwlnfd6+759j5tQq6c6uWPWgcM0v5V4Ok+JZtdaWZ8Jdm3o3f1L53wSGEj5DtZt/x+ug/YsBSTRTao1jp43ctzskZT+bj7PtlgQmbeviSK6VxQf6PtzJwVbN2ryZrRj6GzRuGxbK+mpq5XTg95QUBDTY9flgT6Xr7w2GNV8wu01+Mhgln4Kc0Xlx2AT/ZXPOFPTA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:03 GMT; Max-Age=31536000; Secure
bm_sz=F1C8CDBAD3C098DEA36CAAB216ABD97D~YAAQvgplX1uC6ieGAQAAmHaHehJ4XbJfqEjAPIf7AUjyng6T5QQJ55A1Dokykkn+nSqUAXKTcVVtqHunZ+fPggA2hQMlDG1Fr73fbhgeGHQKPIjdG5MsBrp6BS4q9QGcAw5aJmOIkeZeul46iOK91du8x4xM/+C/iPJtOtebX/0Nz737adH2vqrFCnKbZJecHd2WZAJfXv093i5DGlA8yd96fw9+BkhVcUwNJP4A3+ETeqn/V8Py86rZq08lF2ufb8fA96xja5r1BHWEX5m+mhRasp6U1EuMPC+nJfnfKHyysvj3p8+r~3224133~3682865; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:03 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943554&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943554&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943554&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238610-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=VLiCd18%2faqPEY2dCU7jES1JHM8KPGCrUysbCHz82S+yadRMwvK0O1fFS8iZuIEo2; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44823-12471

connect.secure.wellsfargo.com/jenny/nd

95.101.10.194

200 OK

18 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/jenny/nd
IP
95.101.10.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (2293)
Size
18 kB (17758 bytes)
Hash
b598c574133ae95219143d052af6bc0c
4e15f5856ba541dbe9f1865dc8c298a588bf6fce
c6ad0bfefb431e3362eb61c6edc90ccd5d4968f0c39ed506b79c693db2fc3151

HTTP Headers

GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17758
Date: Wed, 22 Feb 2023 19:09:03 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:ba87bc7e-1fe4-4e57-9f64-48793e837809; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:ba87bc7e-1fe4-4e57-9f64-48793e837809|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
SameSite=None; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ISD_AB_COOKIE=B; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=WlNfng6jTKA4fmQ3EmT+u+aRaZmXoN0tfJoLzzh7sLs%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
_abck=EE07D031849F2960B95D244303E36574~-1~YAAQvgplX1yC6ieGAQAAy3aHegkRXbJvqg2cbnIUhq4nR4xdaUjQ3unZ6JRa8dcT+76UXw0rwMnk1bOQKOQGcRiGS/jgxFjsedk+Ub051ni+ABbT1OrrkrE3ryHak+xrrREz9mNWCu6syC65WDQCSZfi5FKjFmLCcRDZgGiscJi3URZnyk5qrYY3S5FB76xn2qrkVeD7wgv7OQCjmnTxSdbk/d0AujPW3DeGNUUUtgyOqFjK4K/uJ49yIHe8L9Lhc39v4UsrPVcfepXexr/WtVTO5U53w6JLhgUU4PvqLPar50ZY4AiDkj+F5nNrcJfWsUgLXWdaY8H0+kG+lIvNT4/FieKc1pltRH70OY8uzWjh5JlqGK+dIrD7td12cKeJgw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:03 GMT; Max-Age=31536000; Secure
bm_sz=4042B539124ED736A23A5A32ED4CE635~YAAQvgplX12C6ieGAQAAy3aHehI/GhC6rxUOYhq3WkYeFLpDqPzEWPI670hYgTJ2Z6hsc2AQJOuBCrRb9OpcMhAIzs4iFVDdbVoUguGw377V4ylnXqtciYvwCoheVLqcXDpoKUInZIRgPsRchEKq3mDqw2JcF4m3N8WtlofrIwm1BjahoTFQVXgRKkceBDzEpwMkZ0EKjMj9GQV1OklUHVykiqJ06snF4/JjiXQoYiB+G/Pal83FfxnsE+ytNuY+ChvQNrjH6GJWSxzRpF0mOkaW/mqO3pWeHSroH92BBqDUwn7HZb33~3224133~3682865; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:03 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
00fc3b5f1c0bf75bad8c142109720834
050f2d14da16248ead53d3996d88aacd18e5041a
b5f65aaa770693ab60c9c5342fa5aff03408055071e73a7c08c89fb5faf143c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F

142.250.74.66

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=2549153;type=bisf90;cat=all_a0;ord=7140900728126;gtm=2od8g0;auiddc=402366909.1677092943;u1=11202302221108591972982844;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 19:09:03 GMT
expires: Wed, 22 Feb 2023 19:09:03 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943540&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943540&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943540&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=xt76BwLPcXCu5lmmY1yrAPspH+kumrKkuJn5O+LAYEa6EAFFziP0V%2fYf4rBligY%2f; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44753-18471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
00fc3b5f1c0bf75bad8c142109720834
050f2d14da16248ead53d3996d88aacd18e5041a
b5f65aaa770693ab60c9c5342fa5aff03408055071e73a7c08c89fb5faf143c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943559&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943559&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1677092943559&pageID=null&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=4 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=tOw%2fwkCu1zo49QLpTliUWYh4EPQ1pSxLoG91s2Rs9X8%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44898-11236

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943546&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32

163.171.132.220

200 OK

43 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943546&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=703-225258-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&cb=1677092943546&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A283-238609-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Tue, 21 Feb 2023 19:09:03 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ygkP+gupCpM7yZAhf3UJPy1Uq1EFnrQt5yUQ0N%2f7wKI%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44835-19646

tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js

8.39.193.5

200 OK

5.9 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text
Size
5.9 kB (5926 bytes)
Hash
0ceb2e3aaf3130b64517eee5e5583179
49fb8fbb16b1585e19a8911f59cd7ea234c5b607
9d486489da6c1ff7c439641bc384a2e0c9e4da32c2ab73f71d1fffc4bacefc5b

HTTP Headers

GET /tagserver/frame-bridge.js HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+YmUhczVC0A"
Last-Modified: Wed, 18 Jan 2023 03:46:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 5926
Date: Wed, 22 Feb 2023 19:09:03 GMT

connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.17747632999373664

95.101.10.194

200 OK

136 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.17747632999373664
IP
95.101.10.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
136 kB (136505 bytes)
Hash
76da76c757571e1d961513f5fb90957d
30405aa58b62eb73905968c2e68e60fa2e57e0e3
2ee551b01a5c29e55c4756400ed7ee032c6643c2d96bffded45bab2813e5e8b2

HTTP Headers

GET /AIDO/mint.js?dt=login&r=0.17747632999373664 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136505
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 22 Feb 2023 19:09:03 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=KrFxdFAQ2iNV2wjl3K1+eJQUkA%2ftIcD9fkdLcN7dkFXNO3F2hoA7jPQtJ6oR931K; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ort.wellsfargo.com/securereporting/reporting/v1/csp

95.101.10.171

200 OK

0 B

URL HTTP/1.1
ort.wellsfargo.com/securereporting/reporting/v1/csp
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3527
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 09d74816-cff9-4dca-6572-24f478037e46
X-Xss-Protection: 1; mode=block
Date: Wed, 22 Feb 2023 19:09:03 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:dbd77daf-12fa-44b4-8948-b3da21a4b453; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:dbd77daf-12fa-44b4-8948-b3da21a4b453|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2|d:2; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure
DCID=WBM1dY5mT+Iy4iS%2fgYmNLyoDqWaRwID9jZWFdyHS9TEUxdZOW3nED9xXVLOrTxXY; Domain=ort.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
_abck=5938888A514653AC84DC5CE1CB0F43FF~-1~YAAQpwplX7qt7nSGAQAA2HeHeglmNaC7bpuLFwclwOIGmF7E8bZLbPpks/WSHc6sZYLj03bZeEjeHK115X8ICB7m27OSNURyC31JmQyPmBHKwHyejOGgkygN05zw5ec8czOAlfs+2fJYZfj48HtIyaKI6Jxh+q/l5bBCDxq3ogw3cC4Ph4RKc0Wh0zDrdMYLKtoiPa98617ulV7Dsb9F70E8qvFHBjYIWAjqE8M56XOFtaEuEYOLm8IWboYll2fQGjgQQQSiYEowTjj6mfLx7BIKIs7RqKhmAKzWn7e3kli2UWJ7d9BUQklnJm7bSWiOsy5YjMgebtalEbpcY/F9r9BfxB9rhDy8rGjU5FFlxzGfKlgHWE2b664RLTSXX8c4+Q==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:03 GMT; Max-Age=31536000; Secure
bm_sz=24A67D7CD55096669CB16D5D301E8D05~YAAQpwplX7ut7nSGAQAA2HeHehKFmDfMLYb7SyFHLiB1JXAtx8lC6plcqxQ3qW4ikEnu0uKaRd/3zjO6UDyf7qrsYQxctAaUxISsF8z20jqrzagBtVOsxsGXb731/iVBl75ZxHHIlrrtp4dW135NQ/j1BEKbW+Tme32okCdClCjHZJPMMtC4wA7ht6xEfpd6KeYh1aqc6PC7eJM7U90JClaz6MzorlP8JvT1ecMCocfX29n4DMUTsvaEoalHajfsACyFiYiTavHQIY2L8aNPZYRLaqBksY3tDhG0GDfuYgl59Ge35uLq~3294274~4474424; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:03 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/as/target/offers/dispositions

163.171.132.220

200 OK

979 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with very long lines (2451), with no line terminators
Size
979 B (979 bytes)
Hash
a62cffccd667e3b83a6bde8b45a4b508
384adf047ec661fbe22e8719aaa94e1ef626b5e9
6069c650d637c412f437d49be69f1a826d9de17eab1b83d03f272a868b44924d

HTTP Headers

POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
Content-Type: application/json
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Content-Length: 276
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; __ts_xfdF3__=864079252; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:03 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 979
Connection: keep-alive
Content-Security-Policy: default-src 'none'; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-beaaa8b6-d1f9-4dae-83cd-be6ad543dbb7' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:34|g:b261c458-3fb0-4400-a5f1-67628e97307a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:90; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:f5eb5e39-132d-4a20-94dd-52a78f05456a; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:34|g:f5eb5e39-132d-4a20-94dd-52a78f05456a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:34|i:206917|e:90; Expires=Wed, 22-Feb-2023 19:09:33 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=B32E580F191F68BA67391514AF5079C8; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Thu, 22-Feb-2024 19:09:03 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202302221109031686397624; domain=.wellsfargo.com; path=/; expires=19 Feb 2033 19:09:03 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=5oya3nQF%2flnwJYcnQ4SBTMbAkUULpTUyC+8lrvsuD%2fE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:03 GMT;Httponly; Secure
_abck=3ADE772F2E556004C28D9CAE5D3428BA~-1~YAAQTqEkFz7/TnqGAQAAL3iHegktXkkWP/pclh6zLDs+S1+RHj8zXeOu0QQ322kFHBCG/gVPRlbi94PQJOYMKTG/vJJOTfORjo89DUk1LtJBHtGDbic00VFxeXF0HCvXkSpTFyW1LcMzuyIricF4aaZesfiLqrCYWiiawIE2JqZZxvAN4sHII1vXqWT7BnJw5kZySiWvhMs4ylX7tKKdBQYThzddApFeKrO4/UMxvB7GOCQivMcDqDCTDM/7hXyjxfmVCNhGRxb3kaL3r4cPjcfXId8JyN13+m/Yf5XpuyV+RvhFIrVjvHOSUhgsI6IH8Iuh6FBSVFbdOGQ6YBwcKjdhXRiUz+ztGxFalyF4+DT3Z3CsYZFUcYqbm66WqkuzRg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:03 GMT; Max-Age=31536000; Secure
bm_sz=C554F62C93D90D0E0A991FC1D43B828E~YAAQTqEkFz//TnqGAQAAL3iHehI5jVA3/N85LOhkNXQnW9FffS7LrE6bxjcA3Cf3C6WmQhQwSaq5eT7D1nofIBvvr3fzoS3Mg5WeVY+UKfr9vnpCe1YL9MNV1A1NmUzawXW0jtZgO9gIx2u2gqJfNRuqOIQf62QYlevp1lNOKq/Gx5UE86/Ze01w1MCO9s7Hi7lzMJXizp2u/GYZa4Sn7b7IUh/0yVR4O84s+3gKCKRXg+Tnp5mnYxol9iAUsTayvtsLhakHHdFEgRphTWA8KH4YAmkzPyYtN3ei1gTA6HbB5rhB4Kib~3687748~4337988; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:03 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f6684f_kf173_44793-17905

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50

44.237.126.140

200 OK

61 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP
44.237.126.140:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
61 B (61 bytes)
Hash
6cea234e98ece6237af6d262ad5f9c1c
cb4a8796ed084f7dd8a9c84a5b0eb6e144f5cb51
6dc3156289f7db61ed812b122efd508a04dc8624ea8ee71da0cd95c452b9975f

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 22 Feb 2023 19:09:03 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51

44.237.126.140

200 OK

498 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP
44.237.126.140:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
498 B (498 bytes)
Hash
6fca18d0dd5d5c168990a3fc1ed54963
cf45d097c93982d7990feacb4a0907d38a4b1594
63ca1434fdc257a7321de478aec1bff43c284707702ae20b85ae445d7c40482e

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 22 Feb 2023 19:09:03 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
440beb93bc2481c500bed2c2719a96ab
8231c07a8cf345bf3b1e5ca5d7b4e8af60d72ae5
14182dbb3daa77650d97e07e0c567f73648720a4b06633200dd1846da8c5b0bb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1677092943581&cv=9&fst=1677092943581&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&hn=www.google.com&async=1

142.250.74.2

302 Found

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1677092943581&cv=9&fst=1677092943581&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&hn=www.google.com&async=1
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/984436569/?random=1677092943581&cv=9&fst=1677092943581&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&hn=www.google.com&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 19:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/984436569/?random=1677092943581&cv=9&fst=1677092400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww--wellsfargo--com--ph49329d48d6c.wsipv6.com%2Fes%2Fbiz%2F&tiba=Servicios%20bancarios%2C%20pr%C3%A9stamos%20e%20informaci%C3%B3n%20para%20peque%C3%B1as%20empresas%20%7C%20Wells%20Fargo&async=1&is_vtc=1&random=2273930320&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Feb-2023 19:24:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1982397452.1677092944&jid=1160322440&_u=4GBACUAKBAAAAC~&z=1139995851

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1982397452.1677092944&jid=1160322440&_u=4GBACUAKBAAAAC~&z=1139995851
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1982397452.1677092944&jid=1160322440&_u=4GBACUAKBAAAAC~&z=1139995851 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 19:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cab5e000357eb640109d7b9a6531daaf
e9190667dd8bd5a9cb2f682500d4e2b1dad70f37
37668e3983dea0dcf89f8a86666520d1e21bced386d173101f089ab76a9b9b6d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 19:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk

8.39.193.5

200 OK

2.0 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (1087)
Size
2.0 kB (2007 bytes)
Hash
add2172369fbf783ce5a92295fc73145
d0f63fc1ad8b6014aee7812b5cb71353aab06ad7
8cefaa9e8323f2a7cbfbe772a849da7360d724f369e29ddb071a53c291395d8d

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: no-cache
ETag: "6rhlFNuzwWq"
Last-Modified: Wed, 08 Feb 2023 03:20:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2007
Date: Wed, 22 Feb 2023 19:09:04 GMT

ort.wellsfargo.com/securereporting/reporting/v1/csp

95.101.10.171

200 OK

0 B

URL HTTP/1.1
ort.wellsfargo.com/securereporting/reporting/v1/csp
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3811
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: c25c695d-025f-4657-5c8e-cf1d56b8a58b
X-Xss-Protection: 1; mode=block
Date: Wed, 22 Feb 2023 19:09:04 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:2c18a57f-2fce-43a3-9bf0-f6fd78f863a6; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:2c18a57f-2fce-43a3-9bf0-f6fd78f863a6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2|d:3; Max-Age=30; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Path=/; Secure
DCID=B5pXCGBN8sjS1PNPo21oj4OFKyLvfH7YbEt0G9ikyH1kFiaPHDaHymwfbLFEi3zK; Domain=ort.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:04 GMT;Httponly; Secure
_abck=FC40E84D535EB807B36C7554C9339294~-1~YAAQpwplX7+t7nSGAQAAg3qHeglUBapHV6NsACL3sTHTkZoVPMHRbeP7Vo5D16GX9jOAjJ2fTfRFeHe+UaB0rJbQAuRU4atbRxfT6ls0Slixj+450rGRlRI04Q7VUW4mLk+B27+1eTwYDDL8pHEpnFDgbAGXM35diw6mB8/KwZYUwK09XQNEgeWp8xk8YaytxHFuREjMSdOo2QLvl5eGIOvewF58zb0pPkRWLyrg9jyL/EhihYbFfBVvuIddmCZLh7xFaSDIVn/NC0Pt4iIvJizi0ESfftnA4NpibRA/w1aA1KdA2my6/igyvZFqo5qG7cxQslqSGmU71sjH9/sSCKdPYyC1v2PcSJ+h0dWrHhH9s49LSbEWjkVUiQ4wZnvSwg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:04 GMT; Max-Age=31536000; Secure
bm_sz=D95AEB7B7AA971F74CD4C50B1D12D87B~YAAQpwplX8Ct7nSGAQAAg3qHehI+m0ADPgBZ4pMscnqO8MnF2GlZudXN7/3uF9t/MJqWWRNFvcioaiKAy5kuj2z90uHlPPSJxk8aemWDE0/dQSQklcoyJs5IutROXiJHWj5DhNfpdywhqG64MZexz3RjbiOC7U+al0wpkpNFv7BNvay9px6IsPioHMtFchJlYSssNN9sRq+5cfYxPAL28g7ufd3mVdoXZSQUpCy7goqEUCDSkAfrCz+3Vl7O2HHMCZEdoLaGxedUeEPr0NDcZXIx3rdaKapl8l5legs4GDtDJIO4ZIEa~4403526~3686722; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:04 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

44.237.126.140

200 OK

134 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
44.237.126.140:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Size
134 B (134 bytes)
Hash
fcd46c5669c68776b1d3cb535ee67382
e0e20804cd9e6d0e3b4c391fbc8bdbc4c70da086
7cbc1337d6658f88ff12c73b66969814a13a1de53afb19a041abd1a23f3eb62a

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12782
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Connection: keep-alive
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Feb 2023 19:09:04 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:a9413e8e-42ad-4109-9fd8-af08253d2efb; Path=/; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Max-Age=30
ADRUM_BTa=R:55|g:a9413e8e-42ad-4109-9fd8-af08253d2efb|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:1; Path=/; Expires=Wed, 22-Feb-2023 19:09:34 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 1
server: envoy
X-Firefox-Spdy: h2

media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1675826440001

8.39.193.5

200 OK

2.3 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1675826440001
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (7108), with no line terminators
Size
2.3 kB (2292 bytes)
Hash
69248df2e4cd19badf361961108eec5e
86054d9394816797a159f91274bf9c97033a9024
4879bdd8f9d0bd0597e5df3170a4164ca2ca3aaab294b91dd49332db9d36f290

HTTP Headers

GET /media/launch/sdkChatLoader.min.js?codeVersion=1675826440001 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "6Cu8yUJ1UkL"
Last-Modified: Wed, 18 Jan 2023 03:50:37 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2292
Date: Wed, 22 Feb 2023 19:09:04 GMT

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load

163.171.132.220

200 OK

265 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type
JSON data\012- , ASCII text, with no line terminators
Size
265 B (265 bytes)
Hash
b307dcc93e1732a81daa8d2ec6003af9
80aa62ebc876cfc939aaed8059578778f2d23178
c44a0429c965567670ef1afac5ae5f155c4ac08ea54f7bbbbaad42bd353f66a5

HTTP Headers

POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
content-type: text/plain;charset=UTF-8
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Content-Length: 668
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=369613821; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AVBo9mMAAAAAWmj8IqEpAghEjvmUWcti%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943; _ga=GA1.2.1982397452.1677092944; _gid=GA1.2.639952882.1677092944; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiZWo2ZENqMGFIYUJrcm9XWngxT1Vndz09IiwiZSI6IlR0THJEOTc4dUdkc01jejRnb0V5VVwvUzAxanZVXC9sSU9KTHZJZCt2ZkwwRzlNNVpOb0hmOW03K1lOY0RNYjRrK3dvMjB5eEJpZXdyS1NUQnZzVWR2TGpBejlvY3NONisrTEZVOWdFdVViYkNVMXdBUGxkclNtSUVmeW9maThRMEhVaUhJeWZYaUNwN09FWGJIMkFSUzZRPT0ifQ%3D%3D.c0964770bf1da9d4.MzBhOWI0ZjhkYmZiZWJhOTk0OWRmOTJiZDBjYTI2N2U5MDlmMDM3M2MwYmUwZjVkMTlkMGEzN2NlNTk2M2NiMg%3D%3D; ndsid=ndsaoqmovc32199leg1u5ts; ADRUM_BTa=R:34|g:f5eb5e39-132d-4a20-94dd-52a78f05456a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; _imp_di_pc_=AVBo9mMAAAAAWmj8IqEpAghEjvmUWcti
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:05 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ZFddIBAADUpFM0AtwGxnFr+uooKU79E7k7UPB5zob2E%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:04 GMT;Httponly; Secure
_abck=1395A0E5FC49289AB3965530917CF764~-1~YAAQTqEkF6L/TnqGAQAA2n2HeglK0VCiSKNnk7G+CU+EiHsi5V7nf3NbWukWZDR9qlcD4kjphGPmvNk3lYJO8L/JlUeNepOM5/0hnKIRl5iD1VXAYD5p6deHwo/+EKtNvwPv4vhFUqegI/FjeSwiO/2W2sT8zD3tiYOjCRXLHPaYTkTCB2aLy23RoN60JpiZ7awmsy6OX1Hj0Ml+fBcHxuIxjt9dz5WoMrp8rjMk/Xba+m/jbAvUZ33Bi0Ww3U8ywjl1J+zXFXOeXShcQwmMP6FzGV50iGLHyOGIFGJBd9R8DKoC3Ax1i7/X69r9bcETZxb/qeU7UwT2B1HaqIB678gW+85PfSW0n9ZjeTngz57GdGInbJxWMOWorqHDbnplXQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:05 GMT; Max-Age=31536000; Secure
bm_sz=59566B6D0E5934433CDB89C319125091~YAAQTqEkF6P/TnqGAQAA2n2HehI5dXi7MnFI28gIB99BME51AKYUZpxrD41wh227V0MlaLorUQbPvPG7ZGiLlI+fmNNQDKsXDCvwAq7f1nriWUmFymOLdk9UTOtn1lNMimoeEX0XgaLMNdwXmJ1HP4D//ZsOA7SC4Hg3YU0ST2nJoU8XxMKxLIfCZwFc9bhqjWyo/Y7Qais9Ap/g9DAaRBS/CVlFR2QOhYWjV8n4AhsU2EYLjNR2JqDHppQYRn86D3FtbNsK0AKwvFH8AAYW4ELsOiGcD1caGj6jnKXTFdlRFlhjFM4E~3425331~4535858; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:04 GMT; Max-Age=14399
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f66850_kf173_44898-11255

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1675826440001

8.39.193.5

200 OK

32 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1675826440001
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
Unicode text, UTF-8 text, with very long lines (59866)
Size
32 kB (32322 bytes)
Hash
6e83fb250c5d1a79354ac3e251df273c
4f677cebd9af75332446a25b6cbe632f359af825
802b7e0e001720cc82d6a5573f7d139d3914199c397bd0c9a1c9ce0e92f9b6e4

HTTP Headers

GET /media/launch/site_10006005_default_helper.js?codeVersion=1675826440001 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "9h/40Oh9PoS"
Last-Modified: Wed, 08 Feb 2023 03:20:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Wed, 22 Feb 2023 19:09:05 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1675826440001

8.39.193.5

200 OK

26 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1675826440001
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (5905)
Size
26 kB (25928 bytes)
Hash
854e419a937ab42b92e2133a43046f3e
6717bc93724b3b2e88057f33c2b23fe96e370f01
280967aded448b04b8059a87425ca2ae88edfce1134c21e7c303a67fa2e74dd8

HTTP Headers

GET /media/launch/site_10006005_default_jssdk.js?codeVersion=1675826440001 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "FsuLzhzSnJx"
Last-Modified: Wed, 08 Feb 2023 03:20:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Wed, 22 Feb 2023 19:09:05 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1675826440001

8.39.193.5

200 OK

140 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1675826440001
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
Unicode text, UTF-8 text, with very long lines (327)
Size
140 kB (139553 bytes)
Hash
42d9cfcd8fecfb08e6df0ff0577b924d
d7b8515e4abb8b4036cdc0782c2f9f59420351ca
1d3e7fae701a8a4e1c84d35d46f14666854c4d511dc39eb34e4689671984977e

HTTP Headers

GET /media/launch/all_10006005.json?codeVersion=1675826440001 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "4PUkeO/0PgX"
Last-Modified: Wed, 08 Feb 2023 03:20:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/json
Transfer-Encoding: chunked
Date: Wed, 22 Feb 2023 19:09:06 GMT

www--wellsfargo--com--ph49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x

163.171.132.220

200 OK

0 B

URL HTTP/1.1
www--wellsfargo--com--ph49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP
163.171.132.220:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Wells Fargo
urlquery	phishing	Phishing - Wells Fargo

HTTP Headers

POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--ph49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com/es/biz/
content-type: text/plain;charset=UTF-8
Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Content-Length: 304
Connection: keep-alive
Cookie: SameSite=None; ISD_WCM_COOKIE=!2ITONOBUSsycNoHC7cC95KsSl62XUcM33EXiN++t4jifTrgYmas3uWHqOuR3sFfJh9oiW63WtaPM9fE=; utag_main=v_id:01867a876fda0009c92feb10c8a400050003e00900918$_sn:1$_se:2$_ss:0$_st:1677094743092$ses_id:1677092941786%3Bexp-session$_pn:1%3Bexp-session; __ts_xfdF3__=123960402; dti_apg=%7B%22_rt%22%3A%22DQEvRr0e9gTL8CmqkmHNs%2FJpC%2FqWwwy42HUt6RGhotI%3D%22%2C%22_s%22%3A%22RhtKI%2Bdg4CrPYErM%2BAJrmH7%2B%22%2C%22c%22%3A%22bFI1eHlhSjdrcEliWU9qbg%3D%3DXMh9sQytaAkCPK0WnHCLXtMOmfpdIMy29Q_gXZFpqQYub6-itFWINbfxRPSh_g89PXXmQIVeuO1LYjRKvm9bdlNJLDkYUFP8Jow%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AVBo9mMAAAAAWmj8IqEpAghEjvmUWcti%22%2C%22diB%22%3A%22AYYOpcV5f1GoFBFrMLCX8tvA0ZV0Ouy9%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22z-AGG1O_DqWY7Gx1kEU5Vg%3D%3DXpoBG-YHoLIccl_CCKD7ryZJ2lJgbxeYb02L9yzKKSRcHfPdxcLtBj3q1r0MnsvyS6gQh3hdcFW35EELHencYAraI8keQly0hnXE--58kteLi2b9TUR3fxWJBfnC2yUXSePJ6tRFe5DaT7yvl5DnH4ulLewb07ehyTyMUBBqEL1-UHmz_0irJQmv%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VRD%2FOR5xep1XoM8kE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C44717565381874962302143233820118418005%7CMCAAMLH-1677697743%7C6%7CMCAAMB-1677697743%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2052516340%7CMCOPTOUT-1677100143s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=a748a720-ba02-4984-be43-7f6fc50cfe86; _cls_s=890162c0-33c3-45d5-86a7-ba9db6e90f20:0; _gcl_au=1.1.402366909.1677092943; _ga=GA1.2.1982397452.1677092944; _gid=GA1.2.639952882.1677092944; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiZWo2ZENqMGFIYUJrcm9XWngxT1Vndz09IiwiZSI6IlR0THJEOTc4dUdkc01jejRnb0V5VVwvUzAxanZVXC9sSU9KTHZJZCt2ZkwwRzlNNVpOb0hmOW03K1lOY0RNYjRrK3dvMjB5eEJpZXdyS1NUQnZzVWR2TGpBejlvY3NONisrTEZVOWdFdVViYkNVMXdBUGxkclNtSUVmeW9maThRMEhVaUhJeWZYaUNwN09FWGJIMkFSUzZRPT0ifQ%3D%3D.c0964770bf1da9d4.MzBhOWI0ZjhkYmZiZWJhOTk0OWRmOTJiZDBjYTI2N2U5MDlmMDM3M2MwYmUwZjVkMTlkMGEzN2NlNTk2M2NiMg%3D%3D; ndsid=ndsaoqmovc32199leg1u5ts; ADRUM_BTa=R:34|g:f5eb5e39-132d-4a20-94dd-52a78f05456a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:34|i:206917|e:90; _imp_di_pc_=AVBo9mMAAAAAWmj8IqEpAghEjvmUWcti
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 19:09:07 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--ph49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Pno1Kt3YUTbfNi1Z8fkPlWWwkTqEIPUDUu347RlV1S0%3d; Domain=www.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 19:24:07 GMT;Httponly; Secure
_abck=4922BA8E9A204B8AB0334906461693E4~-1~YAAQTqEkFy8AT3qGAQAAMoaHeglsryWvcSQarCrOV/CDDQ3Ci+5RTfEH7yLX8XhbHOstuDyblSxq+qQfoi7H/vLNZnlqNnvlokRxvs889S3Q8Ff/H3i9MmHjEoawTd0KHubOSXye5HQpKPOTEoZI2sGdKL6YdkTWGo9wPzNm7e9D7EpT4UTfGwdsVGy+PD6ZLYBqv+uaoonE+qQm6guceUPA7k5fyWI/m4iT+pYBAZStu6YFQsvbUqOTTOCawMJ1MczreFNrJV59uBqZgth/88lkfXZwylD2dqac1KaUCsQbtaJfpWgM4b/zKrT3DcOi+PmDryTZ3VXSO6WRgXpvslt/wZLQGH7OziIUcOBZ/Uo6TVFEE6kDSjPiCAfVQsfF9Q==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Thu, 22 Feb 2024 19:09:07 GMT; Max-Age=31536000; Secure
bm_sz=511A7512518D367A68009ECAF952ECCC~YAAQTqEkFzAAT3qGAQAAMoaHehKp09Un9sWM1QTlAwjm7QH+8wVgLjx4+lgixQyn8nHtudbG5FAe150mOYPXOCg2txYa66Hw0vqW48WugmR6h59Lv8EjO56GanN7VvbrP2Zhb+ymK84qDWpw2aNDNEdFM7CO3aV9BLwaYKn2bZVH0mOJmzRSGUR4FLgAvhqxzuPt31VjgnIGOiUMJ9TPXApu3r3kPEXJe1Mk24MEnWPpy/vqzudCjSIkA0gETlB88zbRenTtNMM9M9NUfqthBRLYKdAzFiIJ6yN0P9A7sD/4PHmPEIHi~4405043~3683653; Domain=.wellsfargo.com; Path=/; Expires=Wed, 22 Feb 2023 23:09:07 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63f66853_kf173_44898-11318

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL