Edit tour

Windows Analysis Report
https://www.wellsfargo.com/

Overview

General Information

Sample URL:	https://www.wellsfargo.com/
Analysis ID:	1417022
Infos:

Detection

Score:	22
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Phishing site detected (based on logo match)

Detected hidden input values containing email addresses (often used in phishing pages)

Found iframes

HTML body contains low number of good links

Invalid T&C link found

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2024,i,13790965430040798669,7551964596815697510,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6452 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.wellsfargo.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Phishing site detected (based on logo match)

Source: https://adservice.google.com/ddm/fls/z/src=2549153;dc_pre=CP-j74KGl4UDFVMRdgYdAY4ITg;type=allv40;cat=all_a012;u1=1120240328061851126288949;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DE

Matcher: Template: wellsfargo matched

Source: https://www.wellsfargo.com/	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!w91r](m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(0RuV.yW70BWr\|B(xYB@$otYWvF9t^lS]$m"p:'o5LhWDrA^8h\eTz(!/g]xb,!g1&gJ2gL$N@48-8i%PH(t'K9a-[_\|F70J;\|@1-j0\|j&y2F8yQvA?5IZy5Cmc^:=pztVjK:q'R0KRg\|!@{+"HHRb],JLkSF9\|l[cxLkX!-fQ0<5^2@%xT^+hlJb!Y)T{L>oS?ks-\|E{Q"s69dGoDKp]YB#kW#QgNc\<DA"fL&jZjOJqR#JGz6Z@ ^(iGLh\D`uu(t&+s11ezMqY[3sC<#J7\|YQt0RN<W2PHp8SiOrRECzV'bI!'l cL0bRBKt*xXO>
Source: https://www.wellsfargo.com/	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!w91r](m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(0RuV.yW70BWr\|B(xYB@$otYWvF9t^lS]$m"p:'o5LhWDrA^8h\eTz(!/g]xb,!g1&gJ2gL$N@48-8i%PH(t'K9a-[_\|F70J;\|@1-j0\|j&y2F8yQvA?5IZy5Cmc^:=pztVjK:q'R0KG5(3?49k`/d7[c ,(jBf5zeQ/j)x-8Af8>co?f3G0_.L+@b$m?vo]$>xlCs5?]VQq7:}T/o%]$d]cL:3b+ySl<yVKj]kM3kzEYdC,i_;wfOv,fLNptlScJgRX3PI8p89a\|<t2Vw:{26,K.QG-6A}\-gt49l/=kG't!c>I&r99A!qGNo]r>e.3g&qY@iB'\K^E`KryKcx@>[+ovZChuf2xFVeF+h\|""!?fSCnFNBul<Ck/?j\| GGahE0g}Kf77eP
Source: https://www.wellsfargo.com/#skip	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!v8:sV m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(0PuV.yW70BWr\|B(xYB@$otYWvF9t^lS]aW(F`-w j/wC9h\|i@;ixA"bCBg?)udPtUdN2nrjDa8e%@:T('nC=4zMJr6Ru(yJ0T80BP4D9{D#!er0Bj/Si'-r!a,8^pYFC2oR<m\|pOc}0eYoE.g"-\v?0k(QwP;dy-&.1(TE3zF4U""^<Kv-bo\xB3aBelI9
Source: https://www.wellsfargo.com/#skip	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!v8:sV m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(0PuV.yW70BWr\|B(xYB@$otYWvF9t^lS]$m"r8Li09lPs`OuhZ"YKjS%cQL[%d]/CIb__JwhMNc^6f{q$>M]A[;x_^HDZ1L!u,,)Rbi<0bpG?gTyN?cUz/qB)y%`"t_]-lK)4]Y<@<vz&pD< 4ILe}YNyN`,dI1kS.irK}Wf -@;"y37)u/q)W[:0t]"xAx3+QD4g[93hE):8wV)v)OnS%%F"bS%asZ7M'_l^:!6NaTgM]%]'eCYHD?jw&RDV!*FS^+p11ezMqY[3sC<#J7\|YQt0RN<W2PHp8SiOrRVH"2f'/
Source: https://www.wellsfargo.com/#skip	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!v8:sV m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(0PuV.yW70BWr\|B(xYB@$otYWvF9t^lS]$m"r8Li09lP*s`OuhZ"YKjS%cQL[%d]/CIb__JwhMNc^6f{q$>M]A[;x_^HDZ1LT.}9zlO<]Q:hXqgQ')t_q=n1$s]Dl^/D@84lCi'Tl\$lbXpL{e#/q5CnJBb_Jn>Lk&,WVuJ};6D@6(rP1=5.)!\|T+%o`^EOu2$SoG^CZrBB1'=f8N6m;=dQvR(`YwBnU<vL]_q7Q5iNP0)LZ: sw^mU$&Q 6bzA%v3 BaQJh&.fo+zUc{WX4>vPZ]r"nHZ 4FqEWu(uC>\|>8dXK)eS=[_tI<sHBk_I9XW=&#%p4K\|#\iB7?<WVXKdM4,>3bSA!{Jgt=}>Z-'>IK5mRXbw@n8NHp+2G?2yG-q.\|}6T\|HYmN0f7oUP'%OcO?
Source: https://www.wellsfargo.com/es/	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!y67y^"m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(NPuV.yW70BWr\|B(xYB@$otYWvF9t^lS]$m"pd"i0#rP)0GOuhZ"YJ,T:cQL[%d]/C\L@J9Wls/+lzN.q!%.#mI_X{46^)jSMi;5v@cg6:'M)NY?zD&c<:6oCAg6'j@nY0uI!s\|4Y6pUHT'gZ?P['4{-gJ;L %e]_T,dZ1bqe4Kr/%FdA@6Y-\xBYSBelI&k}E>Xbiv>&h&2kTNqU106o9)YS=tJa]17hK_+B5z1Ro {=Hh};Z'_$LJc(;[_!a+$Pz4fs1\|Y2e!ipGM
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!z:7rS/m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(NPuV.yW70BWrQ/qpOSx[$rYQh3qQTNq%>sQ\qIi.4)j,pAElA5j"Kd,1{6WC90pcx`K>_J'h}3_,LZ@8W1KvX6ET@^HG2v1;:6w[ c&u4rK)'MYxi;9I[$eCa^5x@'CbD'PSu">2@$m_1fC,r"+d@2W?@b-JQS]'h)f(:-Jwh\|r7@&.I\|WbSa\|(.!Pcvl&PQyUX8i}9h7Mu#IqI/ RpEBi;U4eXPsO]?An=6lGE;e-pT<Jr"l"TxhM45mM(`SiChZ!`_G3x6x,N{zY<4yMl$ZXwLsGmS\|G<n.x[XtL/)g@1wCr@2yX]wT>bb(aG`RO0gI%^-A`F=BB9i{/a\lm\;lxn6Q0YTYtwTg>kr3#{K )sXX@N>]/3pY$m71}4$K%Tj`OLY1L!f\|KeM)d"
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: NDX:%pYI uKbBRam4)JJ'n"7!4y@;@92\|)^vM'}B[v@8sC^z<2sKX`iEUL5'pG"W9k{$\8'XEi"%g0yeOFfQEl4uSsW[eU!GM`3<bgFPD;&})^v@FTn]dObi=,vZ>g}!%L!z:7rS/m7##wBy@^%kZLQ9-cK]%@)q?Ea$dfCk.]KYI5[SL?>mtyY}!Px#`wZzBJe#Snu4m$4+OXDn-xSTy(V\|ESvJWfu[e4(Ml^tM'lJ $R`zzLkX1 1u-C{#D;Mr3y<k\|b[I;(q)/zK`W@pV[rw\q@<kk<cqOn.J.SAvgLJmLj:19}De@AglLfS$ vJ -?cyFb;Q?_: -F^.-`[rFK-{??`ARBJN06j=7k(3iJCi"tfsS%[O&q.!7rH/I1xCb{a(NPuV.yW70BWrQ/qpOSx[$rYQh3qQTNq%>sQ\qIi.4)j,pAElA5j"Kd,1{6WC90pcx`K>_J'h}3_,LZ@8W1KvX6ET@^HG2v1;:6w[ c&u4rK)'MYxi;9I[$eCa^5x@'CbD'PSu">2@$m_1fC,r"+d@2W?@b-JQS]'h)f(:-Jwh\|r7@&.I\|WbSa\|(.!Pcvl&PQyUv[#4I1U-xj>pf+Z@s}p1mQPq];wF;oa^iQ p1mbVfTHo,zd+&ov-J@JgX>8Xve]#j}Hi\|TbNV<z7`8] y2e _'lNRkW6\x=]t3#M2s<(l\C1hP+vJ@&2qNNoFTHh!s42'uAoHM{kN>;pVSc2lk^cB4-{={"`I}8R-\|[o.R#z7v^p:^=Iq1{Eaw<#Fj#@zDuP;\|P(z/!eeGd=WcE<,jDaP:'c9-G#/lY-dYopC4o{q`L'&@bwzj^nu[$ Y%%v#E;1%V^\s&#pD/-abOBamc?U>'I-iQTh08gI

Source: https://www.wellsfargo.com/	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
Source: https://www.wellsfargo.com/	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
Source: https://www.wellsfargo.com/	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?
Source: https://www.wellsfargo.com/es/	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F?
Source: https://www.wellsfargo.com/es/	HTTP Parser: Iframe src: https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F?
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: Iframe src: //ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=1120240328061851126288949;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ord=7018165804944.119?
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: Iframe src: //ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=1120240328061851126288949;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ord=7018165804944.119?

Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS

HTTP Parser: Number of links: 0

Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help
Source: https://www.wellsfargo.com/#skip	HTTP Parser: Invalid link: Quick help

Source: https://www.wellsfargo.com/	HTTP Parser: <input type="password" .../> found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: <input type="password" .../> found
Source: https://www.wellsfargo.com/es/	HTTP Parser: <input type="password" .../> found
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: <input type="password" .../> found

Source: https://2549153.fls.doubleclick.net/activityi;dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?	HTTP Parser: No favicon
Source: https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmiqfOFl4UDFXYQdgYdkywNxA;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?	HTTP Parser: No favicon
Source: https://tag-wellsfargo.digital.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005	HTTP Parser: No favicon
Source: https://tag-wellsfargo.digital.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005	HTTP Parser: No favicon
Source: https://tag-wellsfargo.digital.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005	HTTP Parser: No favicon
Source: https://tag-wellsfargo.digital.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005	HTTP Parser: No favicon
Source: https://2549153.fls.doubleclick.net/activityi;dc_pre=CK6Ts_mFl4UDFREVdgYd2PIHKw;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F?	HTTP Parser: No favicon
Source: https://wellsfargo.digital.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1710907168986	HTTP Parser: No favicon
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: No favicon
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: No favicon
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: No favicon
Source: https://2549153.fls.doubleclick.net/activityi;dc_pre=CNn08IKGl4UDFSgVdgYdKtkJ0A;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F?	HTTP Parser: No favicon
Source: https://adservice.google.com/ddm/fls/z/src=2549153;dc_pre=CP-j74KGl4UDFVMRdgYdAY4ITg;type=allv40;cat=all_a012;u1=1120240328061851126288949;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ord=7018165804944.119	HTTP Parser: No favicon

Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="author".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="author".. found
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: No <meta name="author".. found
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: No <meta name="author".. found

Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/#skip	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.wellsfargo.com/es/	HTTP Parser: No <meta name="copyright".. found
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: No <meta name="copyright".. found
Source: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49766 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 69.164.0.128
Source: unknown	TCP traffic detected without corresponding DNS query: 69.164.0.128
Source: unknown	TCP traffic detected without corresponding DNS query: 69.164.0.128
Source: unknown	TCP traffic detected without corresponding DNS query: 69.164.0.128
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1711631938573 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=33918683021254472264168527825999287273&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120240328061851126288949%011&ts=1711631940641 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1711631938573 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=33918683021254472264168527825999287273&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120240328061851126288949%011&ts=1711631940641 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /event?d_dil_ver=9.5&_ts=1711631938588 HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/identity/idl?pid=1317 HTTP/1.1Host: api.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=da61659a-abde-48a3-9419-2c57a11180c1 HTTP/1.1Host: adobedc.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=u4QNUHNh+jyNu8TIFBT3QA5Dr3exK+TQt3MHZUf1EPLBYZtSzM+L6okkoOgL/hHDws/ZLlrT5QZKM+38OhSYqglMZDWzJ5L1Pg2I5oBiVZiOinoH/bF+wVkMfzG4/pOEaTDL8Zwvvkc5kk/qs+LAKJAqXj1o2dT0XOIZli4LzDis
Source: global traffic	HTTP traffic detected: GET /event?d_dil_ver=9.5&_ts=1711631946944 HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /activityi;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/identity/idl?pid=1317 HTTP/1.1Host: api.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=YHbe1QUbihmucrQUO4JHIhcvVKBYP9uvN93z7Jh2hmdz1OBH+ibtv/Hg4A878ll+XjPj6vVKpdnbbUDar8zMkVyiU6WPgPPOl6idk5rQ6HlWVxQSXP58X2Q+H0EKsHmmHsxqYWZ0akz09MH6AF3bzfQwuFgRCjkpkxGO3g8nR4HI
Source: global traffic	HTTP traffic detected: GET /activityi;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CJeLjfOFl4UDFd0VdgYdAnwNgA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=2c4120a6-8cbe-4983-b2ed-45670688b5d0&sn=1&cfg&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTG=2+craBM2NpGCqcUbcDHLWPK+sG+yERLLGemAr0XIShbTBoWTEijRwz35pUj+/UNc4JTlKa/+SR0oMqJVnq42l6hffJv3LGAiMcB+WND/2J/CUnCf2Sx97Yoy8XJJd0uKVvSqSYXgQcwxzrZCcyCJIFV9QDVLNfwnBPAT2DOxM46G; ROUTEID=.cligate1; AWSALBTGCORS=WtKY4zlHlqFjN7rysBcOeV/yyvkeg122+ahi6KwZXrAH9N2dSW1d9U4AOAOLb+hkwaAa9PrYyhO0AhE484Tfth3Rwss3zcu8MuaOMNsNHjiIYAHratWJ8GSPbcCc1e5zKeMSZl8s6h+5YiIDNurcxWofoZQNh/lOScfbtycUDuzf
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTG=2+craBM2NpGCqcUbcDHLWPK+sG+yERLLGemAr0XIShbTBoWTEijRwz35pUj+/UNc4JTlKa/+SR0oMqJVnq42l6hffJv3LGAiMcB+WND/2J/CUnCf2Sx97Yoy8XJJd0uKVvSqSYXgQcwxzrZCcyCJIFV9QDVLNfwnBPAT2DOxM46G; ROUTEID=.cligate1; AWSALBTGCORS=AMI00pYZBUblZN/9Bmi01p9YmJm1D86di5Z+/tSUvQrT+Do6gGLWzNb3mOfrnPZy1F7wNiB8iXbsuPsRF0FsxlM49Tlvar0qAFXr062Qb8Pjp8LyUCCKxVGwPzwplpy0UJsBy3SdMnv5SW+lNMtkB404Hc/qsMPMYA5leo16EQaE
Source: global traffic	HTTP traffic detected: GET /tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f134fe53-5091-456a-be12-2dea853e8e15 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=5afea92c-2d16-47bb-bad5-3f8c2691ab16 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=900cd0b2-1c9d-47f7-a525-63111b62e5d0 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=317314e2-8dae-44f3-9162-d4a17bf67080 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f2e33ec7-add7-4d65-bbc5-35397cba5374 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=8acba3f7-0ecc-4bd9-9f1e-c9ed2fbea068 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=6440b9bb-94c9-403c-a3ca-18f1176e2355&sn=1&cfg&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTG=2+craBM2NpGCqcUbcDHLWPK+sG+yERLLGemAr0XIShbTBoWTEijRwz35pUj+/UNc4JTlKa/+SR0oMqJVnq42l6hffJv3LGAiMcB+WND/2J/CUnCf2Sx97Yoy8XJJd0uKVvSqSYXgQcwxzrZCcyCJIFV9QDVLNfwnBPAT2DOxM46G; ROUTEID=.cligate1; AWSALBTGCORS=AMI00pYZBUblZN/9Bmi01p9YmJm1D86di5Z+/tSUvQrT+Do6gGLWzNb3mOfrnPZy1F7wNiB8iXbsuPsRF0FsxlM49Tlvar0qAFXr062Qb8Pjp8LyUCCKxVGwPzwplpy0UJsBy3SdMnv5SW+lNMtkB404Hc/qsMPMYA5leo16EQaE
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CLmiqfOFl4UDFXYQdgYdkywNxA;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?random=1711631950119&cv=9&fst=1711631950119&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?random=1711631950134&cv=9&fst=1711631950134&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CJeLjfOFl4UDFd0VdgYdAnwNgA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmzR0RneqXpgK8jsl51yer659bGIN36iFghAMYuq2FOXzc75hwX8SIWlTs2360
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=70366921-0956-4540-aa73-5cb5ec2194d8 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F HTTP/1.1Host: adservice.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=6440b9bb-94c9-403c-a3ca-18f1176e2355&sn=2&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=nwJqqH9Ar9RMzhM+CVdB5MVlivpFTLyOqvF2z2H3vRNDGuqNdT2JV7yQoeopyp1D0f6+7J92L+Ds4yNXbVW+l++RkgRlskErU4mRLbTVg8khY08gXp1HbGTrFZHP9VsuPc12ysIOc3HM/FvqzTt417j51KgYNWyWfLZsdwqX6ZUQ; AWSALBTGCORS=IrLpZ6muAXj+6QxA21qqt5qwYK+npptdL7BOv67jLJqieOCepZmv26elFwK0JO5V0EDZ/3BqHZ2iuZU2Ebto5W4jJQbJvb63ftw9jGSfEjc+lO9/KY66xnE8uzCpxyqJZGwKM+jefEr/AJt4wIx+5PZkNhRszaQ/Xk8Fqe6zWjT8
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CJqRxPOFl4UDFUc1dgYdYJsNTA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmzR0RneqXpgK8jsl51yer659bGIN36iFghAMYuq2FOXzc75hwX8SIWlTs2360
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CLmiqfOFl4UDFXYQdgYdkywNxA;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631950119&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&cid=CAQSKQB7FLtqwzXszmaXi0QUEjOcY3Wmdb1eUOmwgNG_8BJ2ZvlgCks6MA78&random=1285347098&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631950134&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&cid=CAQSKQB7FLtqM5DLuAhk7bpblogvOuSpfhIyx29EWpc_8gvuaFbCRK6Erxyt&random=2498095841&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1511061535.1711631950&jid=329816228&_u=4GBACUAKBAAAAC~&z=1637724088 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1511061535.1711631950&jid=329816228&gjid=1416060457&_gid=1102582973.1711631950&_u=4GBACUAKBAAAAC~&z=1774189394 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CJqRxPOFl4UDFUc1dgYdYJsNTA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CLmiqfOFl4UDFXYQdgYdkywNxA;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F HTTP/1.1Host: adservice.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631950119&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&cid=CAQSKQB7FLtqwzXszmaXi0QUEjOcY3Wmdb1eUOmwgNG_8BJ2ZvlgCks6MA78&random=1285347098&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631950134&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&cid=CAQSKQB7FLtqM5DLuAhk7bpblogvOuSpfhIyx29EWpc_8gvuaFbCRK6Erxyt&random=2498095841&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1511061535.1711631950&jid=329816228&_u=4GBACUAKBAAAAC~&z=1637724088 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ADRUM_BTa=R:0\|g:cf73cecd-03b7-4433-bd6d-aa614a05eb2e\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; SameSite=None; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631952330
Source: global traffic	HTTP traffic detected: GET /javascript/highlight.js HTTP/1.1Host: cdn.schemaapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /javascript/schemaFunctions.min.js HTTP/1.1Host: cdn.schemaapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /highlighter/prod/WellsFargo/v2/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20 HTTP/1.1Host: cdn.schemaapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonx-account-id: WellsFargosec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36x-api-key: XPJKP-GI7DG-FVNWZ-45W51sec-ch-ua-platform: "Windows"Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WellsFargo/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vbG9jYXRvci8 HTTP/1.1Host: data.schemaapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36x-api-key: XPJKP-GI7DG-FVNWZ-45W51sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WellsFargo/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vbG9jYXRvci8 HTTP/1.1Host: data.schemaapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /highlighter/prod/WellsFargo/v2/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20 HTTP/1.1Host: cdn.schemaapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:655094f0-114a-41e4-b1a4-241f3f5a24f9\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631954486
Source: global traffic	HTTP traffic detected: GET /api/identity/idl?pid=1317 HTTP/1.1Host: api.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /event?c_app_id=WWW&c_page_type=BROWSER&c_page_id=locator&c_customer_type=&c_customer_status=n&c_product_code=&c_subproduct_code=&c_offer_id=&c_event_type=load&c_referrer=&d_cid=113287%011120240328061851126288949&c_sub_channel=&c_vendor_code=&c_offertype= HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=2c4120a6-8cbe-4983-b2ed-45670688b5d0&sn=2&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=ZjWKT+8Fkk3op7T5ER8g2Roa8xMrJeHfrA97tpr8/drhe/bX0sB+JIObmlyBPvygTYR1UcOWirwivU5GZ8rl8WXW4W+LKBA1KycNXx3MdIAwfdYIF4IhSexXV2CRGj12TuthSAsRQx9zwJaX0YZql13AX27SeLuGUkigKNJ11zME; AWSALBTGCORS=ryqEN0/ykBuFSjdJEwecY/JrIo8XBk2qWAhr+acfgxo4vXDm28wo7Y45EUV4jnk7ZMfsDzxKMFu+QekCzN2ZT3a+cWou/Hq1xmvoDJR9I7/0AWdfO3D9coEZzKamveGyDzb7vPgLHXUOqlK2HAOp9nB8SVHh5vTjQjtG3DLGUsPy
Source: global traffic	HTTP traffic detected: GET /event?c_app_id=WWW&c_page_type=BROWSER&c_page_id=locator&c_customer_type=&c_customer_status=n&c_product_code=&c_subproduct_code=&c_offer_id=&c_event_type=load&c_referrer=&d_cid=113287%011120240328061851126288949&c_sub_channel=&c_vendor_code=&c_offertype= HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=2c4120a6-8cbe-4983-b2ed-45670688b5d0&sn=3&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=ZjWKT+8Fkk3op7T5ER8g2Roa8xMrJeHfrA97tpr8/drhe/bX0sB+JIObmlyBPvygTYR1UcOWirwivU5GZ8rl8WXW4W+LKBA1KycNXx3MdIAwfdYIF4IhSexXV2CRGj12TuthSAsRQx9zwJaX0YZql13AX27SeLuGUkigKNJ11zME; AWSALBTGCORS=ryqEN0/ykBuFSjdJEwecY/JrIo8XBk2qWAhr+acfgxo4vXDm28wo7Y45EUV4jnk7ZMfsDzxKMFu+QekCzN2ZT3a+cWou/Hq1xmvoDJR9I7/0AWdfO3D9coEZzKamveGyDzb7vPgLHXUOqlK2HAOp9nB8SVHh5vTjQjtG3DLGUsPy
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?label=N133CNyD82gQ2Z611QM&guid=ON&script=0&ct_cookie_present=false&random=927088412&sscte=1&crd=COG9sQIIucGxAgiXwbECIgEBQAE&pscrd=CJuR3quMpaT6QCITCN2xx_iFl4UDFXyKdwEdC9EK5jICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI6G2h0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tLw HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=6440b9bb-94c9-403c-a3ca-18f1176e2355&sn=3&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=rQ48TzPw8I/cejpkjSRoWjOMAQCc4h6Ht8zXHZp4ySU09lHKynfDJMs0smsJY8yGin0Vb5kem7P24HSa3zGEfJpufCdz+pSUv9EvCHmeeeehhvTXnqxK1G1mzuJIecUflW4Wg8YuUM7M1p67suZh/q05VAObTKwikrqT261YSuiu; AWSALBTGCORS=rQ48TzPw8I/cejpkjSRoWjOMAQCc4h6Ht8zXHZp4ySU09lHKynfDJMs0smsJY8yGin0Vb5kem7P24HSa3zGEfJpufCdz+pSUv9EvCHmeeeehhvTXnqxK1G1mzuJIecUflW4Wg8YuUM7M1p67suZh/q05VAObTKwikrqT261YSuiu
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/984436569/?label=N133CNyD82gQ2Z611QM&guid=ON&script=0&ct_cookie_present=false&random=927088412&sscte=1&crd=COG9sQIIucGxAgiXwbECIgEBQAE&pscrd=CJuR3quMpaT6QCITCN2xx_iFl4UDFXyKdwEdC9EK5jICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI6G2h0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tLw&is_vtc=1&cid=CAQSKQB7FLtqp_2qh1HgAbcX-xWI9UcuLryhv9bdVGexJxB2NaPj49XgyynX&random=562625253 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=wellsfargo_adh&google_hm=MTUxMTA2MTUzNS4xNzExNjMxOTUw&_rnd=0.7952115751210573 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=8AhmFclZYBbKjWXIesK9LxhC1ASo9bBnT6c2B6XjcyK8Q01Tx+XDtWgvA2mjDcWITgVFoeo9zTF6W7xIXArThxCdBhkfq0+WZ2NLn0tg24/iUDTizFsuKhoY3kmdbjh/yS95XsbW2Pevh7Bp51bJeASbigCN3s2JkIKmeb37Je2W
Source: global traffic	HTTP traffic detected: GET /activityi;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CK6Ts_mFl4UDFREVdgYd2PIHKw;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=6440b9bb-94c9-403c-a3ca-18f1176e2355&sn=4&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=8AhmFclZYBbKjWXIesK9LxhC1ASo9bBnT6c2B6XjcyK8Q01Tx+XDtWgvA2mjDcWITgVFoeo9zTF6W7xIXArThxCdBhkfq0+WZ2NLn0tg24/iUDTizFsuKhoY3kmdbjh/yS95XsbW2Pevh7Bp51bJeASbigCN3s2JkIKmeb37Je2W; AWSALBTGCORS=tdk3VzhzFOKtIgimMSPbyViI/cV0XTHQFN2ETwYhvERMVm3NmVtSWV0CQMQPM/hlbqmTD2yJRk3Y7Gya98XZrIskKLObq0mDx4d/kUkhlfdM7KR8XdaGly+qfTp07V1c/qfi3iXbV4+OAe//F+m9YJNxNgyH3+hnaTEAmql7pho2
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=8AhmFclZYBbKjWXIesK9LxhC1ASo9bBnT6c2B6XjcyK8Q01Tx+XDtWgvA2mjDcWITgVFoeo9zTF6W7xIXArThxCdBhkfq0+WZ2NLn0tg24/iUDTizFsuKhoY3kmdbjh/yS95XsbW2Pevh7Bp51bJeASbigCN3s2JkIKmeb37Je2W; AWSALBTGCORS=tdk3VzhzFOKtIgimMSPbyViI/cV0XTHQFN2ETwYhvERMVm3NmVtSWV0CQMQPM/hlbqmTD2yJRk3Y7Gya98XZrIskKLObq0mDx4d/kUkhlfdM7KR8XdaGly+qfTp07V1c/qfi3iXbV4+OAe//F+m9YJNxNgyH3+hnaTEAmql7pho2
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/984436569/?label=N133CNyD82gQ2Z611QM&guid=ON&script=0&ct_cookie_present=false&random=927088412&sscte=1&crd=COG9sQIIucGxAgiXwbECIgEBQAE&pscrd=CJuR3quMpaT6QCITCN2xx_iFl4UDFXyKdwEdC9EK5jICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI6G2h0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tLw&is_vtc=1&cid=CAQSKQB7FLtqp_2qh1HgAbcX-xWI9UcuLryhv9bdVGexJxB2NaPj49XgyynX&random=562625253 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /pixel?google_gm=AMnCDooB--uE3qqwM60W-aFIvHRoCOUhU6Ul6HroemNjvvKfJVwxfqQOG2V4li17-b9TX64bRRCx9kEPSj-5RJKKu2ZKwmFKSFf6TCRlcnlLlDJOmPbZ5BU HTTP/1.1Host: fcmatch.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:d9807aaa-c012-41fc-ad58-c5c96987ab65\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631958811
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CNKJ2fmFl4UDFfUy-QAdsh4LIQ;register_conversion=1;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CK6Ts_mFl4UDFREVdgYd2PIHKw;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pixel?google_gm=AMnCDooB--uE3qqwM60W-aFIvHRoCOUhU6Ul6HroemNjvvKfJVwxfqQOG2V4li17-b9TX64bRRCx9kEPSj-5RJKKu2ZKwmFKSFf6TCRlcnlLlDJOmPbZ5BU HTTP/1.1Host: fcmatch.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wi/config/.json HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=c40b8a92-02fa-456b-ae31-ce3345e2ea42 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?random=1711631963095&cv=9&fst=1711631963095&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F&ref=null&tiba=ATM%20and%20Bank%20Locations%20-%20Find%20Wells%20Fargo%20Bank%20and%20ATM%20Locations&hn=www.google.com&async=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CNKJ2fmFl4UDFfUy-QAdsh4LIQ;register_conversion=1;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /wi/config/.json HTTP/1.1Host: s.yimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CK6Ts_mFl4UDFREVdgYd2PIHKw;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F HTTP/1.1Host: adservice.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=2aba2bf0-2f1f-4c0d-856d-97df1acdd718 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631963095&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F&ref=null&tiba=ATM%20and%20Bank%20Locations%20-%20Find%20Wells%20Fargo%20Bank%20and%20ATM%20Locations&async=1&is_vtc=1&cid=CAQSKQB7FLtq9dorHPZrAhU_zAc-Mdz_9Wyb2P8MCvCMkamBp_7erbHNCtHB&random=3949320223&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631963095&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F&ref=null&tiba=ATM%20and%20Bank%20Locations%20-%20Find%20Wells%20Fargo%20Bank%20and%20ATM%20Locations&async=1&is_vtc=1&cid=CAQSKQB7FLtq9dorHPZrAhU_zAc-Mdz_9Wyb2P8MCvCMkamBp_7erbHNCtHB&random=3949320223&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /WellsFargo/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vYWJvdXQv HTTP/1.1Host: data.schemaapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36x-api-key: XPJKP-GI7DG-FVNWZ-45W51sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /event?c_app_id=WWW&c_page_type=BROWSER&c_page_id=about&c_customer_type=&c_customer_status=n&c_product_code=&c_subproduct_code=&c_offer_id=&c_event_type=load&c_referrer=&d_cid=113287%011120240328061851126288949&c_sub_channel=&c_vendor_code=&c_offertype= HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=wellsfargo_adh&google_hm=MTUxMTA2MTUzNS4xNzExNjMxOTUw&_rnd=0.2042591020981015 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=+4boTYi90yEn3KkYfEbYRcjnylQ/A9NermyVlD6n31NuzkFzgbxcqS2jm6xQzZPL6FWQIOJRF6VlLqteR0isEyKdCwB277R8Hg8m2PDdt8FQqBjWPd0IKd6uUz78NsxKGHntKLTXbQY+cRlSiTM3+BowUpmeHMaB6T3/5lZKGXpy
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WellsFargo/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vYWJvdXQv HTTP/1.1Host: data.schemaapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?google_gm=AMnCDoqLmwev_v-dJR_RIm72duWb2y5tEqtm9i_436YxdwOxcVKacGuMPfkTZpOD_GyNbJGCvB4JpMmyKKgrCnYTxDxmc2WCHepVzjCY_rGduhqxSXWQvxA HTTP/1.1Host: fcmatch.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=+4boTYi90yEn3KkYfEbYRcjnylQ/A9NermyVlD6n31NuzkFzgbxcqS2jm6xQzZPL6FWQIOJRF6VlLqteR0isEyKdCwB277R8Hg8m2PDdt8FQqBjWPd0IKd6uUz78NsxKGHntKLTXbQY+cRlSiTM3+BowUpmeHMaB6T3/5lZKGXpy; AWSALBTGCORS=LE7ypjLm6rLk3Rk4AAKEx4oj6a2gOu+wCtKtrT51LVqxztMKshc7DBoR3tSdEOysrF5L0jy0dPwWXMyIGOAA6rohZW8nT1ij121fdWLp/V3MG0FVIeLVS3RM/p9sO28KdVWEwhRO8KS4OOkLEE9BkL7wXbY/cJEJoln65Eep4Jny
Source: global traffic	HTTP traffic detected: GET /event?c_app_id=WWW&c_page_type=BROWSER&c_page_id=about&c_customer_type=&c_customer_status=n&c_product_code=&c_subproduct_code=&c_offer_id=&c_event_type=load&c_referrer=&d_cid=113287%011120240328061851126288949&c_sub_channel=&c_vendor_code=&c_offertype= HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "f911470fe0e560afcc355e2b7c2d14e0"If-Modified-Since: Wed, 27 Mar 2024 18:29:51 GMT
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQVRNIGFuZCBCYW5rIExvY2F0aW9ucyAtIEZpbmQgV2VsbHMgRmFyZ28gQmFuayBhbmQgQVRNIExvY2F0aW9ucyIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2xvY2F0b3IvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzE5NjcwODAiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2xvY2F0b3IvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQzOGQtMGE1Mi1mNDY0LTgxYzUtZTI4ZS1lOTBhLWNmNzktMTM1NSIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzExNjMxOTY3MDcyIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjcwODAsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ== HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?google_gm=AMnCDoqLmwev_v-dJR_RIm72duWb2y5tEqtm9i_436YxdwOxcVKacGuMPfkTZpOD_GyNbJGCvB4JpMmyKKgrCnYTxDxmc2WCHepVzjCY_rGduhqxSXWQvxA HTTP/1.1Host: fcmatch.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?random=1711631966857&cv=9&fst=1711631966857&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fabout%2F&ref=null&tiba=About%20Wells%20Fargo&hn=www.google.com&async=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f9ab8551-492e-489e-9017-87923a423d5d HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQWJvdXQgV2VsbHMgRmFyZ28iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy53ZWxsc2ZhcmdvLmNvbS9hYm91dC8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzE5NjczNTQiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2Fib3V0LyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0MzhkLTBhNTItZjQ2NC04MWM1LWUyOGUtZTkwYS1jZjc5LTEzNTUiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMTk2NzA3MiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9yZXNvdXJjZXMuZGlnaXRhbC1jbG91ZC1wcmVtLm1lZGFsbGlhLmNvbS93ZGN1c3ByZW0vNTc5MDcvb25zaXRlL29uc2l0ZURhdGEuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC40OH19LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjczNTQsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ== HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQWJvdXQgV2VsbHMgRmFyZ28iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy53ZWxsc2ZhcmdvLmNvbS9hYm91dC8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTcxMTYzMTk2NzM2MyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDEsInVzZXJfaWQiOiAiMThlODUzNzIwZTFhOS0wOTc3MWE4OTZiYjE2Yy0yNjAzMWU1MS0xNDAwMDAtMThlODUzNzIwZTMyZjgiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vYWJvdXQvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQzOGQtMGE1Mi1mNDY0LTgxYzUtZTI4ZS1lOTBhLWNmNzktMTM1NSIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzExNjMxOTY3MzYwIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjczNjMsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ== HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "f911470fe0e560afcc355e2b7c2d14e0"If-Modified-Since: Wed, 27 Mar 2024 18:29:51 GMT
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=91ec6c7c-8196-4547-aa93-aae7a0c3b322 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631966857&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fabout%2F&ref=null&tiba=About%20Wells%20Fargo&async=1&is_vtc=1&cid=CAQSKQB7FLtqNwJNbOKCD8RWuHPVFqUby_9A18yf2qsu-oUA0HEXvCmokIXD&random=999063137&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQVRNIGFuZCBCYW5rIExvY2F0aW9ucyAtIEZpbmQgV2VsbHMgRmFyZ28gQmFuayBhbmQgQVRNIExvY2F0aW9ucyIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2xvY2F0b3IvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzE5NjcwODAiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2xvY2F0b3IvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQzOGQtMGE1Mi1mNDY0LTgxYzUtZTI4ZS1lOTBhLWNmNzktMTM1NSIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzExNjMxOTY3MDcyIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjcwODAsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ== HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQWJvdXQgV2VsbHMgRmFyZ28iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy53ZWxsc2ZhcmdvLmNvbS9hYm91dC8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzE5NjczNTQiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2Fib3V0LyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0MzhkLTBhNTItZjQ2NC04MWM1LWUyOGUtZTkwYS1jZjc5LTEzNTUiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMTk2NzA3MiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9yZXNvdXJjZXMuZGlnaXRhbC1jbG91ZC1wcmVtLm1lZGFsbGlhLmNvbS93ZGN1c3ByZW0vNTc5MDcvb25zaXRlL29uc2l0ZURhdGEuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC40OH19LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjczNTQsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ== HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQWJvdXQgV2VsbHMgRmFyZ28iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy53ZWxsc2ZhcmdvLmNvbS9hYm91dC8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTcxMTYzMTk2NzM2MyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDEsInVzZXJfaWQiOiAiMThlODUzNzIwZTFhOS0wOTc3MWE4OTZiYjE2Yy0yNjAzMWU1MS0xNDAwMDAtMThlODUzNzIwZTMyZjgiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vYWJvdXQvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQzOGQtMGE1Mi1mNDY0LTgxYzUtZTI4ZS1lOTBhLWNmNzktMTM1NSIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzExNjMxOTY3MzYwIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjczNjMsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ== HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631966857&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fabout%2F&ref=null&tiba=About%20Wells%20Fargo&async=1&is_vtc=1&cid=CAQSKQB7FLtqNwJNbOKCD8RWuHPVFqUby_9A18yf2qsu-oUA0HEXvCmokIXD&random=999063137&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:adb40a58-c631-4a90-a3cf-16274e4ce69c\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631964295
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:cdb8b227-8189-4ee7-98ab-dcfc84050def\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:4\|t:1711631970045
Source: global traffic	HTTP traffic detected: GET /api/identity/idl?pid=1317 HTTP/1.1Host: api.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /event?d_dil_ver=9.5&_ts=1711631972607 HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /api/identity/idl?pid=1317 HTTP/1.1Host: api.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=403a3102-6806-4b08-ba29-c8d2c2b3d153&sn=1&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=0lXMS2tRKzWlkhkor7DnkTgliyyj/q9iF6fK+5gDlKQQ9W4eUb0DACI1KbugyuPTb/5T96staNzWzx9JWS6zrzenmGVd6YGE29xyPLtdHAU+d59kDgxyhYhm74b8X6HE5MKPKIXxYnIJJd6lQ+2DI/sXH3l0pNRJrm/AFAbd/ozQ; AWSALBTGCORS=mejjF97Yjy4e98r2HGWOMlE45r22R2UL0eDQThtYqnjdzVNv3/VWtRfhxI7qfr5h51vuEjLBSiHscjxpPD/NOj8+H4HOibtwnH+YNM2Fy25u3QWcRD0aPCl1xEPfUIyyQtSMQZHoY/Cu9KW02TsHVL4kkBsuc2z4neF0kIh/HVr9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=403a3102-6806-4b08-ba29-c8d2c2b3d153&sn=2&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=0lXMS2tRKzWlkhkor7DnkTgliyyj/q9iF6fK+5gDlKQQ9W4eUb0DACI1KbugyuPTb/5T96staNzWzx9JWS6zrzenmGVd6YGE29xyPLtdHAU+d59kDgxyhYhm74b8X6HE5MKPKIXxYnIJJd6lQ+2DI/sXH3l0pNRJrm/AFAbd/ozQ; AWSALBTGCORS=mejjF97Yjy4e98r2HGWOMlE45r22R2UL0eDQThtYqnjdzVNv3/VWtRfhxI7qfr5h51vuEjLBSiHscjxpPD/NOj8+H4HOibtwnH+YNM2Fy25u3QWcRD0aPCl1xEPfUIyyQtSMQZHoY/Cu9KW02TsHVL4kkBsuc2z4neF0kIh/HVr9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=403a3102-6806-4b08-ba29-c8d2c2b3d153&sn=3&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=FeShK3t/GqlbJ7Ba9Z9JfseYM6XM/8h8wwTYCJ9+RtdfROGfh2bYqaHrtF/60tTUbyfh4ESQiTECorjMnQm8WwNci8ByzWx/JJff3Ja0SC1yE4eNojsdHPwiJCVDMxjPZqmemvVLni899hlV18sQ/cwZH5ZvWqbx6p7V757RiOgf; AWSALBTGCORS=P+BkuOpiK3wPbQwm0HO3IDrlLyV5bJnvMWkZfkL4cGMZUFwSZUpoYiLkMLGBxdlYufz/hijBsR0tS/d47iZdYvI7ASVZ7R1R3pA8uj1K6vgsGsazit9nov/uFwTgD3RL6SbrCPtAV3VAgMyzJTr8vRLunBZO9X6TTRoqA4BQ7Bi/
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=tL8IdZ7QctA26s6msf+Ct4q6acoDx8QwSguP+Yrv1kSHTfY7Gy8OQcg2CtC31a557WObMJzjE+SKzMu7dTu+9SFsNtsMrcyUl1tmsvbB7Zw6zZbzp9iou6Hlrq2igxlEaUO1SJ3g30EfH54beuC5vNKGlotNS9Q3dBnz8/Zjz91B
Source: global traffic	HTTP traffic detected: GET /tr?id=1578146899100389&ev=CSBB_OLB_Secure_Login_PageView&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=LOGIN&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.06320417006807832 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=tL8IdZ7QctA26s6msf+Ct4q6acoDx8QwSguP+Yrv1kSHTfY7Gy8OQcg2CtC31a557WObMJzjE+SKzMu7dTu+9SFsNtsMrcyUl1tmsvbB7Zw6zZbzp9iou6Hlrq2igxlEaUO1SJ3g30EfH54beuC5vNKGlotNS9Q3dBnz8/Zjz91B; AWSALBTGCORS=oMQiGFmeeu1pJGGzpN6Dr1Q/OEWe0KYagxd0VjJFH7rl9Vx+Yamiz7nCEaOwngTKE59WSilCwc2VT9rK1VxEZU7NB6R+DJx3WLbxxW6Q7LwzwQcaNuScSJg5oXX8ob0MmPoF45+LsV9a+N/nB14CEuUO5yGM2e8APC8QP9XLA3HD
Source: global traffic	HTTP traffic detected: GET /ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=1120240328061851126288949;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ord=7018165804944.119? HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=7d57ee8f-2442-4298-8218-7b4c8f4a5dd2 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=1&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=tL8IdZ7QctA26s6msf+Ct4q6acoDx8QwSguP+Yrv1kSHTfY7Gy8OQcg2CtC31a557WObMJzjE+SKzMu7dTu+9SFsNtsMrcyUl1tmsvbB7Zw6zZbzp9iou6Hlrq2igxlEaUO1SJ3g30EfH54beuC5vNKGlotNS9Q3dBnz8/Zjz91B; AWSALBTGCORS=oMQiGFmeeu1pJGGzpN6Dr1Q/OEWe0KYagxd0VjJFH7rl9Vx+Yamiz7nCEaOwngTKE59WSilCwc2VT9rK1VxEZU7NB6R+DJx3WLbxxW6Q7LwzwQcaNuScSJg5oXX8ob0MmPoF45+LsV9a+N/nB14CEuUO5yGM2e8APC8QP9XLA3HD
Source: global traffic	HTTP traffic detected: GET /activityi;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=097b5d70-c89b-4f9f-a889-04c866fba6b7 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/activity/src=2549153;dc_pre=CP-j74KGl4UDFVMRdgYdAY4ITg;type=allv40;cat=all_a012;u1=1120240328061851126288949;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ord=7018165804944.119? HTTP/1.1Host: ad.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CNn08IKGl4UDFSgVdgYdKtkJ0A;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/src=2549153;dc_pre=CP-j74KGl4UDFVMRdgYdAY4ITg;type=allv40;cat=all_a012;u1=1120240328061851126288949;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ord=7018165804944.119 HTTP/1.1Host: adservice.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CNn08IKGl4UDFSgVdgYdKtkJ0A;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /wi/config/.json HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://connect.secure.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?random=1711631984110&cv=9&fst=1711631984110&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&hn=www.google.com&async=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CJeJmIOGl4UDFeQTdgYdGREMTA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=2&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=24viyQUey6YTZz9SWxEieya961hYXIRGXIBxCPovcIH06JO2IEJ6+4s3XCOv13reAyFgZ2aCidcTELM2fCEy69RcGir1p4HfQlDSi70hCg0ZGlQQ2fb73MH6To5SO6mKVg66uzE4d1W+4SzjZam/xoepGNYWlv8Lqr+UMZSI7ORu; AWSALBTGCORS=LsfCmqyogN6p6UtsclHvvgD5JXLA3pYqqS3Wdti156uedjEss4rPgU2Om3igFpRY5nLvy4Yv/6jrWorjApqtFdS7ZGWZz+DI5upamT8uR3rkoLjHN2ojB57jLkGiR2xrB6zt4t5bUXIJox9yRkDCWnW2Qe8Yjsy8xJDCVxPe9MOH
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=2c4120a6-8cbe-4983-b2ed-45670688b5d0&sn=4&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=24viyQUey6YTZz9SWxEieya961hYXIRGXIBxCPovcIH06JO2IEJ6+4s3XCOv13reAyFgZ2aCidcTELM2fCEy69RcGir1p4HfQlDSi70hCg0ZGlQQ2fb73MH6To5SO6mKVg66uzE4d1W+4SzjZam/xoepGNYWlv8Lqr+UMZSI7ORu; AWSALBTGCORS=LsfCmqyogN6p6UtsclHvvgD5JXLA3pYqqS3Wdti156uedjEss4rPgU2Om3igFpRY5nLvy4Yv/6jrWorjApqtFdS7ZGWZz+DI5upamT8uR3rkoLjHN2ojB57jLkGiR2xrB6zt4t5bUXIJox9yRkDCWnW2Qe8Yjsy8xJDCVxPe9MOH
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f9969528-fe00-4a85-9056-cebe4b4a3f85 HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=82f6936a-61e1-4489-83e1-f802151ff0cd HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M50 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M51 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631984110&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&async=1&is_vtc=1&cid=CAQSKQB7FLtq8cmscni_Vrr3VC7eBE-4YZJi1Rp-uBv1qnBtlVUWNkR-abHs&random=3080437878&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=3&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=RTEYEnNcGjCmxyuIm9NQLJVpcnvByaG6OrYxhJXJeaxf8F5cYiK8jkC6AdjmeIPWZLfskNdw3zvcMWr9upXC0LqrBcpqi2euxMbaaX0h61gn1MKEYzvGLHaf4SqyP32ah/nG82IwYJi+pwWsujW5/ZmZGqfEirPHWatDNLZTXRRj; AWSALBTGCORS=RTEYEnNcGjCmxyuIm9NQLJVpcnvByaG6OrYxhJXJeaxf8F5cYiK8jkC6AdjmeIPWZLfskNdw3zvcMWr9upXC0LqrBcpqi2euxMbaaX0h61gn1MKEYzvGLHaf4SqyP32ah/nG82IwYJi+pwWsujW5/ZmZGqfEirPHWatDNLZTXRRj
Source: global traffic	HTTP traffic detected: GET /tr?id=1578146899100389&ev=CSBB_OLB_Secure_Login_PageView&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=LOGIN&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.06320417006807832 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=45f46bb8-25cb-4b71-83f6-d999b86f87f4&sn=1&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=RTEYEnNcGjCmxyuIm9NQLJVpcnvByaG6OrYxhJXJeaxf8F5cYiK8jkC6AdjmeIPWZLfskNdw3zvcMWr9upXC0LqrBcpqi2euxMbaaX0h61gn1MKEYzvGLHaf4SqyP32ah/nG82IwYJi+pwWsujW5/ZmZGqfEirPHWatDNLZTXRRj; AWSALBTGCORS=RTEYEnNcGjCmxyuIm9NQLJVpcnvByaG6OrYxhJXJeaxf8F5cYiK8jkC6AdjmeIPWZLfskNdw3zvcMWr9upXC0LqrBcpqi2euxMbaaX0h61gn1MKEYzvGLHaf4SqyP32ah/nG82IwYJi+pwWsujW5/ZmZGqfEirPHWatDNLZTXRRj
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=403a3102-6806-4b08-ba29-c8d2c2b3d153&sn=4&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=RTEYEnNcGjCmxyuIm9NQLJVpcnvByaG6OrYxhJXJeaxf8F5cYiK8jkC6AdjmeIPWZLfskNdw3zvcMWr9upXC0LqrBcpqi2euxMbaaX0h61gn1MKEYzvGLHaf4SqyP32ah/nG82IwYJi+pwWsujW5/ZmZGqfEirPHWatDNLZTXRRj; AWSALBTGCORS=RTEYEnNcGjCmxyuIm9NQLJVpcnvByaG6OrYxhJXJeaxf8F5cYiK8jkC6AdjmeIPWZLfskNdw3zvcMWr9upXC0LqrBcpqi2euxMbaaX0h61gn1MKEYzvGLHaf4SqyP32ah/nG82IwYJi+pwWsujW5/ZmZGqfEirPHWatDNLZTXRRj
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:a8df1606-5095-4f73-b978-a2a7710d5b72\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631972003
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CNn08IKGl4UDFSgVdgYdKtkJ0A;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F HTTP/1.1Host: adservice.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CJeJmIOGl4UDFeQTdgYdGREMTA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F? HTTP/1.1Host: 2549153.fls.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M50 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:a8df1606-5095-4f73-b978-a2a7710d5b72\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631972003
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M51 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:a8df1606-5095-4f73-b978-a2a7710d5b72\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631972003
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631984110&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Servicios%20Financieros%20y%20Banca%20por%20Internet&async=1&is_vtc=1&cid=CAQSKQB7FLtq8cmscni_Vrr3VC7eBE-4YZJi1Rp-uBv1qnBtlVUWNkR-abHs&random=3080437878&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:5da4e83e-e6d9-4808-82e3-5d09213116f7\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631986238
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?random=1711631986884&cv=9&fst=1711631986884&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26LOB%3DCONS&tiba=Inicie%20sesi%C3%B3n%20para%20ver%20sus%20cuentas%20personales%20%7C%20Wells%20Fargo&hn=www.google.com&async=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631986884&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26LOB%3DCONS&tiba=Inicie%20sesi%C3%B3n%20para%20ver%20sus%20cuentas%20personales%20%7C%20Wells%20Fargo&async=1&is_vtc=1&cid=CAQSKQB7FLtq9lany4GR9CtYjT6o-53gwdlTAU-fiNp_pm27b6paBKJ-zMZP&random=3270536526&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711631986884&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26LOB%3DCONS&tiba=Inicie%20sesi%C3%B3n%20para%20ver%20sus%20cuentas%20personales%20%7C%20Wells%20Fargo&async=1&is_vtc=1&cid=CAQSKQB7FLtq9lany4GR9CtYjT6o-53gwdlTAU-fiNp_pm27b6paBKJ-zMZP&random=3270536526&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=4&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=uTjHMLaLxfjcAZ6RCPdCEtds2WtakOvISjUTWtC127mTH29h7LpTLZYGCS8EsDNa6jAdGhc2IMVbL6W59cHGcqZnBEYDlsFnaXhgd5ydeomcCfmi6kyMFiP56CDXwmnxCg0d62aEJYC8CjSM56/weC9aWZ6QjMSUljUhAM0bN/sI; AWSALBTGCORS=eLZHPBFb2ABev389ZVSZbJuWhRuBDqugH7G72CrFu1NsI4yZk2oPvzpqGtZq92gUOxkh4t5vhKTpU7Xx0hxAJi1M0t4PeOu2RoHC/XZAq/ZLnxSLFFNoaahTu8gv8qAkscKrdrXF4HXFToMqZEBa4WXFzbcaeJ4Nbkd+KVX3CFAL
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://connect.secure.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=uTjHMLaLxfjcAZ6RCPdCEtds2WtakOvISjUTWtC127mTH29h7LpTLZYGCS8EsDNa6jAdGhc2IMVbL6W59cHGcqZnBEYDlsFnaXhgd5ydeomcCfmi6kyMFiP56CDXwmnxCg0d62aEJYC8CjSM56/weC9aWZ6QjMSUljUhAM0bN/sI
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=TnF5e2rMlbmJeFh0q/iOQI4TwDwmf+cUtBRWDB9A8ZctjRW9kcKUVjmFaZJrqDC4JMnaUUiwgEcjZ8RBuMdGriHOBSbjXjkYjXZ+rWAFsDMDRRkxf5SpUoC/bwfXnYgndJXwI2jsqOpXYIq4j9GpG34dV3BZ6p1ioe/O7ZqkR8C2; AWSALBTGCORS=4WPX5g9CiMDGu9PxQQ4C/Gd9eatsWm7QOj34v2hA49IlIctPgqyJuuNAbn4DqHs6jlbZS0sxEgtoz6xTXHAVuNycZFWzIa3VtwUkZOWIVDFHZb45NiDIvxwVTM89CfnsE8RuePxZ97Xu6Ci2F7mdmhR5K5LoDaiva4OUcu0FvRGW
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=45f46bb8-25cb-4b71-83f6-d999b86f87f4&sn=2&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=uaQV2bRN6pwy39tpBnciYeNP1bEOL7l624cAHhaoMgIeiqiSvpezKqCqqIGtC44D2R0qSiFX9zo7j5W0Woj51nQf4Jt+t69QS217naXWqnva5hetVFkIYQUzgUeVlAvU48O3+p1MQ4Qma3mMJnoQw5ASuBgfsADNHtFEE8CGv7uT; AWSALBTGCORS=AKYdH/RKmPhDsJixdujGjmv6fi0Lnb3qJFGACUQtT2JzBFMUabTQv1Y68v++g1tlfDDQCNjlIbYFfoOWyiSfUFiGnQmZEXvmj6mhrqsvVVzBtSTLl57EOhcD4WbDhv6HON0P2/IsycXnc/B0Rl/GByMjXkjA8821oXT4gik7l9Mn
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://connect.secure.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "f911470fe0e560afcc355e2b7c2d14e0"If-Modified-Since: Wed, 27 Mar 2024 18:29:51 GMT
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:b14d05b9-5eab-4a43-8130-c3727d83728a\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631986995
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=45f46bb8-25cb-4b71-83f6-d999b86f87f4&sn=3&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=bZQ/tK7tydwGf95VdJbmQZurKeYoR8CoaVIN6qcMA2+uxqJGRy40T9I0vZRKYxHOvTEKkWcLvv3jjY69Rf9280xmcR6DQRXwpUeE68XSdM9G3x4Cy0lfMxirNOLh4eS/czb78h2fCbNaboYLxu47Djs5ewVpeBB+W6JQycISteeP; AWSALBTGCORS=1nneZpH7XEp7tcubFMweCig3Zpwyi8Yj0gyDbRMnKI8eAXi+d73HL155+NlJ2v5VKU6jtPx3GfK7ldx8pDkzS1Rup3BIX82/uHyL2c69EaCXQQPv+qW3TZodeiMnRp+Aplt6bvGoVGeLbCDxvXsruyFeJ620qfDSW5TYjRWfGXNg
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiSW5pY2llIHNlc2nDs24gcGFyYSB2ZXIgc3VzIGN1ZW50YXMgcGVyc29uYWxlcyB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cHM6Ly9jb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbS9hdXRoL2xvZ2luL3ByZXNlbnQ/b3JpZ2luPWNvYiZMT0I9Q09OUyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNzExNjMxOTg5OTgzIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMSwidXNlcl9pZCI6ICIxOGU4NTM3N2IwMTVjZS0wOWE2M2JhODM4NTk5YS0yNjAzMWU1MS0xNDAwMDAtMThlODUzNzdiMDI3NzIiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cHM6Ly9jb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbS9hdXRoL2xvZ2luL3ByZXNlbnQ/b3JpZ2luPWNvYiZMT0I9Q09OUyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1NTgzLWFhNzAtNWFmOS1mMmQ2LWQ0MTYtMGU3MS1jYzNhLTE3OWIiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMTk4OTk3NyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzMjM1LCJrYW1weWxlX3ZlcnNpb24iOiAiMi41My4xIiwib25zaXRlX3ZlcnNpb24iOiAiMi41My4xIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNzExNjMxOTg5OTgzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi41My40XzIwMjMxMjE5MjI0MTAwIn0KXX0= HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://connect.secure.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "f911470fe0e560afcc355e2b7c2d14e0"If-Modified-Since: Wed, 27 Mar 2024 18:29:51 GMT
Source: global traffic	HTTP traffic detected: GET /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiSW5pY2llIHNlc2nDs24gcGFyYSB2ZXIgc3VzIGN1ZW50YXMgcGVyc29uYWxlcyB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cHM6Ly9jb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbS9hdXRoL2xvZ2luL3ByZXNlbnQ/b3JpZ2luPWNvYiZMT0I9Q09OUyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNzExNjMxOTg5OTgzIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMSwidXNlcl9pZCI6ICIxOGU4NTM3N2IwMTVjZS0wOWE2M2JhODM4NTk5YS0yNjAzMWU1MS0xNDAwMDAtMThlODUzNzdiMDI3NzIiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cHM6Ly9jb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbS9hdXRoL2xvZ2luL3ByZXNlbnQ/b3JpZ2luPWNvYiZMT0I9Q09OUyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1NTgzLWFhNzAtNWFmOS1mMmQ2LWQ0MTYtMGU3MS1jYzNhLTE3OWIiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMTk4OTk3NyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzMjM1LCJrYW1weWxlX3ZlcnNpb24iOiAiMi41My4xIiwib25zaXRlX3ZlcnNpb24iOiAiMi41My4xIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNzExNjMxOTg5OTgzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi41My40XzIwMjMxMjE5MjI0MTAwIn0KXX0= HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=6440b9bb-94c9-403c-a3ca-18f1176e2355&sn=5&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=PwmyLZ2gQlUoG9gX17GRxEwUQA75bAuYLKerwEvo/PaAF8D1s15L2tzMIVyWk+VO9AvZdCSDY3oqxtOuaEalVmd0Uzo723e5Qyflcvqiu+wA/8W/6v3ZMWO4mzvfHEGrwZe52lnt58q4SX07ftzq5DScuh9qw2MkoeOijC2n8fiS; AWSALBTGCORS=NBA3Ex6M3lxKudvTnFT/UTgjjf2oZGck+AmQV7TOkd9JVgaTvRyDa8GscHVdt09Fk74Bnuk8M6SfGpkMtEdaeh7bkVT0xFsf7zNkbJ/hHAq6+W+EOeYLJEpZqlAobMjRluLvYII2xPpv83kw6lcutyJlQZad/f7K/L5nP2WUtkNx
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZD/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:d46a70e9-e7a3-4744-864f-de3922c41ef8\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:4\|t:1711631990745
Source: global traffic	HTTP traffic detected: GET /api/identity/idl?pid=1317 HTTP/1.1Host: api.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=5&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=jXXDU0DwO6w9ZjUGmtU7sQkyXSh/KVWiL26rpBBDSeazW5oQU4NIx7ZBW530i2ercos5IDBN0KNKm7IxSc1l3Q5/lgeMTFHV2vq0uGk282trmXYhf2TfHAyA6NpyZ18tCAw1+s4gf4SwcHb7sWRlZ+Z0dA89Vofck3rR/qu2orH1; AWSALBTGCORS=WVQwzGTPC7fNQ7hJFDRV9t7jRxdtuxQWmvR6E9du/yfALXjNrb8Uj6M4UQlzZaGjnOrv4eNeVrRAIu3mHu4/e5y7VHvSKYuhhbWI4gQ4cP3IkdYv2uHDcnhUcp+CLLAh6ElOCWvhFYwxl51bkwahMLkQqXUAh/IEr/a9sjkvHYer
Source: global traffic	HTTP traffic detected: GET /api/identity/idl?pid=1317 HTTP/1.1Host: api.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:a3097cd2-090d-401c-ad0b-1ccb5aeae2cd\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:7\|t:1711631992672
Source: global traffic	HTTP traffic detected: GET /WellsFargo/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vZXMvY2hlY2tpbmcv HTTP/1.1Host: data.schemaapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36x-api-key: XPJKP-GI7DG-FVNWZ-45W51sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WellsFargo/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vZXMvY2hlY2tpbmcv HTTP/1.1Host: data.schemaapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=a77f2f58-57ce-4d1c-8339-460310ea325a&sn=1&cfg&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=oHmod1rVfccMBs7n4JczAASJWlsheOYD9G9dSpyAqkiJ4ylAfKShv1IJFX4W9Cwn6IWmg+1OhuQP2tsLZYfBwssUL2N817v42Ybph+cbQ1v9ur1/DxFMgUh/yAEs5DdGqqvXk+AWFsV+9jTmaZSIYy/7+Mo4BPvAEgSJuw4LnHTi; AWSALBTGCORS=uZyLDb4pIAh65zzVLil/PIgOmZ09P5WNP4G1TT2XhJN7eN1XCGbELyBSFF7QY9UV4OaRLhl9e0PKc6beF4m7CTKAJ7Q/kG42KiE9ugLwJDz+KVwduJo/aOprDxM5QYXrbtCWNd4qYbHzMBbxTT2LmlB0lHBLSsjYDDGahQRYvKpy
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=a77f2f58-57ce-4d1c-8339-460310ea325a&sn=2&cfg&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=oHmod1rVfccMBs7n4JczAASJWlsheOYD9G9dSpyAqkiJ4ylAfKShv1IJFX4W9Cwn6IWmg+1OhuQP2tsLZYfBwssUL2N817v42Ybph+cbQ1v9ur1/DxFMgUh/yAEs5DdGqqvXk+AWFsV+9jTmaZSIYy/7+Mo4BPvAEgSJuw4LnHTi; AWSALBTGCORS=JIErQW5QRrK4/NC/DNObaAguwTh1L/Aiuskn1djyi516hvwz2nDwoZCzuTrbMayncsk9t/UVqY38o1Z3RaZnUBzK+MYhHG47Hs4k+u1DCUdb5+crdgLn3pOzriCqeVYjeMT0y5aLZyOkZz247dUxP2oD+cGxpmJ86Lm4NhQR3Re7
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=wellsfargo_adh&google_hm=MTUxMTA2MTUzNS4xNzExNjMxOTUw&_rnd=0.528690021422805 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=a77f2f58-57ce-4d1c-8339-460310ea325a&sn=3&cfg=fc5c7ded&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=5dw9iknX8DmiJwsLoN7qebn4l1nviRZss/RdUV+VuFIWubnjRDyBO3X/k+P23T0sgbHpirV1ovmxL8hbCgqs2Ve+SLtFI6QcDLPvtPFYgE7uYMFFacDQXmL2sIrkuKQZ7gdjiiN+94/jm0pNw/jhAz4/3HN4+Hw0ADmFMVbObYp+; AWSALBTGCORS=/ZECdzSbMSa/lpZktC2ecA9htHU/1K/OcYhoQy9G3kP3LF6jVDSyi8MAgs3ETOqntmWHQUiARiqGB8+O/AG39bs+b//3BOF3v5I7acHWEsITE3HlPMjOnATebKZxbzEDsnTMQNzWGbMS3Y1NTbw8nlAVmkIhrTm1ZHoQ8KTmrPqd
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=0&d_mid=33918683021254472264168527825999287273&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1711631999701 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/984436569/?random=1711632000084&cv=9&fst=1711632000084&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fchecking%2F&ref=null&tiba=Cuentas%20de%20cheques%3A%20abra%20una%20cuenta%20por%20Internet%20hoy%20mismo%20%7C%20Wells%20Fargo&hn=www.google.com&async=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /pixel?google_gm=AMnCDoppDmysQ0EwfuNyQisMDHjame1guHW2IIS6dxbAtlz8vxAtRDbqlIDtd545bq7TMCLXhLhdtkZoEea-6Rnwh-iv5AqzvhNWr7G3wxfANPyDUkwwgNk HTTP/1.1Host: fcmatch.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=0&d_mid=33918683021254472264168527825999287273&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1711631999701 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /wi/config/.json HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711632000084&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fchecking%2F&ref=null&tiba=Cuentas%20de%20cheques%3A%20abra%20una%20cuenta%20por%20Internet%20hoy%20mismo%20%7C%20Wells%20Fargo&async=1&is_vtc=1&cid=CAQSKQB7FLtq9aGoUrlj6bBo2oPEvRqEL3w-tCAkG6FQ7Hc3MjC6klj22g1B&random=680170720&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=b482a243-3b29-434a-81f1-7ba1202c8c7c HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?google_gm=AMnCDoppDmysQ0EwfuNyQisMDHjame1guHW2IIS6dxbAtlz8vxAtRDbqlIDtd545bq7TMCLXhLhdtkZoEea-6Rnwh-iv5AqzvhNWr7G3wxfANPyDUkwwgNk HTTP/1.1Host: fcmatch.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZgVuWQAAA9eF_wAm&d_uuid=33955380241426191774167127150413392378 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /adscores/g.pixel?sid=9211132908&aam=33955380241426191774167127150413392378 HTTP/1.1Host: aa.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/984436569/?random=1711632000084&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fchecking%2F&ref=null&tiba=Cuentas%20de%20cheques%3A%20abra%20una%20cuenta%20por%20Internet%20hoy%20mismo%20%7C%20Wells%20Fargo&async=1&is_vtc=1&cid=CAQSKQB7FLtq9aGoUrlj6bBo2oPEvRqEL3w-tCAkG6FQ7Hc3MjC6klj22g1B&random=680170720&resp=GooglemKTybQhCsO HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=a6d541f2-f16a-487d-a378-34648a735afe HTTP/1.1Host: edge.adobedc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /365868.gif?partner_uid=33955380241426191774167127150413392378 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=ZgVuWQAAA9eF_wAm&d_uuid=33955380241426191774167127150413392378 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzM5NTUzODAyNDE0MjYxOTE3NzQxNjcxMjcxNTA0MTMzOTIzNzg= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUn9rytSykevrBeToL32gq_NsFMKgT3NrxBbw_LuMGLSIoLpxvQi6G0KdDgf; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=9uw/F0p2GcTqCr9i30d7NihK7jz3x75pXcnhOYZ//v/3/5WySMDMc9zt4oMvjJs8TvURzJ3J+su76c4Luo+ZQd0sa0K3VIlYeenFaqG4/kdyU4yF4oUzEa8gGu3v7aNhzQB9FUZpsMrxFjU+Lfj3SUiY9SopgYlBT491Ugy2jJkW
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=21&dpuuid=213680604835005188846 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232
Source: global traffic	HTTP traffic detected: GET /1000.gif?memo=CKyqFhIxCi0IARCYEhomMzM5NTUzODAyNDE0MjYxOTE3NzQxNjcxMjcxNTA0MTMzOTIzNzgQABoNCILdlbAGEgUI6AcQAEIASgA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=HQrpMtAwzAkzrW2kfU9apE/NWjNTVN5fP4Qe7CFCrSk=; pxrc=CAA=
Source: global traffic	HTTP traffic detected: GET /cms?partner_id=ADOBE&_hosted_id=33955380241426191774167127150413392378&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=9uw/F0p2GcTqCr9i30d7NihK7jz3x75pXcnhOYZ//v/3/5WySMDMc9zt4oMvjJs8TvURzJ3J+su76c4Luo+ZQd0sa0K3VIlYeenFaqG4/kdyU4yF4oUzEa8gGu3v7aNhzQB9FUZpsMrxFjU+Lfj3SUiY9SopgYlBT491Ugy2jJkW; AWSALBTGCORS=9CT8jNK2RQrU81kDqO7dz0Iv54LdFD9HeAZ259YUQ9znSFPunQWI0jcPT/CEH3ece88LZkZL+VuWKxGYSI/UearT0tlKBRUBEdP4cw6DBQqWUTDfdnCKX/bXcj3lgGYq7Yr4NSzR2k8bcDEgW8nM8rjplKXgxpnQV9duzofowW2N
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEAYXrBaGbqB6HFcPdhpHR7g&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=375E6F2E0D8F6B9C2CEB7C8E098F6DFE HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=21&dpuuid=213680604835005188846 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399; dpm=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=477&dpuuid=bf3583479cfa2b30b4765233abf108d3347eb75cc59033dc0445efe44ff670a9b0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399; dpm=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /ups/58782/cms?partner_id=ADOBE&_hosted_id=33955380241426191774167127150413392378&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBIJuBWYCEPb8U-CJH60GQy4IhOZlKpkFEgEBAQHABmYPZtxI0iMA_eMAAA&S=AQAAAhyf74IaX1jvls8UIM27QZU
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEAYXrBaGbqB6HFcPdhpHR7g&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399; dpm=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=375E6F2E0D8F6B9C2CEB7C8E098F6DFE HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399; dpm=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "f911470fe0e560afcc355e2b7c2d14e0"If-Modified-Since: Wed, 27 Mar 2024 18:29:51 GMT
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=477&dpuuid=bf3583479cfa2b30b4765233abf108d3347eb75cc59033dc0445efe44ff670a9b0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399; dpm=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-13al3Z5E2pE8CkorAJgl6rqMyZb7QOVtPr4-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399; dpm=33955380241426191774167127150413392378
Source: global traffic	HTTP traffic detected: GET /event?d_dil_ver=9.5&_ts=1711632001776 HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399
Source: global traffic	HTTP traffic detected: GET /sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP/1.1Host: trc.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1Host: resources.digital-cloud-prem.medallia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "f911470fe0e560afcc355e2b7c2d14e0"If-Modified-Since: Wed, 27 Mar 2024 18:29:51 GMT
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQ3VlbnRhcyBkZSBjaGVxdWVzOiBhYnJhIHVuYSBjdWVudGEgcG9yIEludGVybmV0IGhveSBtaXNtbyB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vZXMvY2hlY2tpbmcvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzIwMDI1ODMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2VzL2NoZWNraW5nLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0MzhkLTBhNTItZjQ2NC04MWM1LWUyOGUtZTkwYS1jZjc5LTEzNTUiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMjAwMjU4MSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzMDYxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41My4xIiwib25zaXRlX3ZlcnNpb24iOiAiMi41My4xIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNzExNjMyMDAyNTgzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi41My40XzIwMjMxMjE5MjI0MTAwIn0KXX0= HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-13al3Z5E2pE8CkorAJgl6rqMyZb7QOVtPr4-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dpm=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399\|147592-1-1711632002396
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M50 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M51 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP/1.1Host: trc.taboola.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQ3VlbnRhcyBkZSBjaGVxdWVzOiBhYnJhIHVuYSBjdWVudGEgcG9yIEludGVybmV0IGhveSBtaXNtbyB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vZXMvY2hlY2tpbmcvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzIwMDI1ODMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2VzL2NoZWNraW5nLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0MzhkLTBhNTItZjQ2NC04MWM1LWUyOGUtZTkwYS1jZjc5LTEzNTUiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMjAwMjU4MSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzMDYxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41My4xIiwib25zaXRlX3ZlcnNpb24iOiAiMi41My4xIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNzExNjMyMDAyNTgzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi41My40XzIwMjMxMjE5MjI0MTAwIn0KXX0= HTTP/1.1Host: udc-neb.kampyle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M50 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:6053aa53-4d25-47eb-a17f-8f18b55ab04f\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631998963
Source: global traffic	HTTP traffic detected: GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M51 HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:6053aa53-4d25-47eb-a17f-8f18b55ab04f\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631998963
Source: global traffic	HTTP traffic detected: GET /dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A7MgQcTp30bjotxx8RJq0t8\|t
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PYY/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:6053aa53-4d25-47eb-a17f-8f18b55ab04f\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:2\|t:1711631998963
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=139200&dpuuid=ZLVBG9sATvitfmBaiM_67A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378; dpm=33955380241426191774167127150413392378; dextp=21-1-1711632000774\|60-1-1711632000882\|477-1-1711632001004\|771-1-1711632001120\|1957-1-1711632001232\|30646-1-1711632001399\|147592-1-1711632002396\|139200-1-1711632003398
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=adobe.com&id=33955380241426191774167127150413392378 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wellsfargobankna.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A7MgQcTp30bjotxx8RJq0t8; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=adobe.com&id=33955380241426191774167127150413392378 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A7MgQcTp30bjotxx8RJq0t8; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZD/adrum HTTP/1.1Host: pdx-col.eum-appdynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SameSite=None; ADRUM_BTa=R:0\|g:017c87ea-3e99-46ce-b663-7d19688f8189\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; ADRUM_BT1=R:0\|i:559461\|e:6\|t:1711632005246
Source: global traffic	HTTP traffic detected: GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=6&cfg=201c2b80&pv=2&aid= HTTP/1.1Host: gbxreport-prod.wf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; ROUTEID=.cligate1; AWSALBTG=s9LxfQIZszJLxGjE80XfDJbQWw8w3k9PNpV1A3+4xqajdOTFYOAO9VLh1TGyJfvOjHfm6iMKIOXa8slB5Hg+lo6kisMCeDrVFQThDm8Z3jky2pmtgP+4rkBB9hir4sF62t1OVU5qWie0COpcNGwdmTXSoYDM3klNg0mdthiK/TKP; AWSALBTGCORS=ePODO1rryhFUxvR+/Aeo3CWm2QBe15pif/ACruKvJbkqr3sgZ0s6yZUkYDiBU6XU9n7CwOwo5tZsQMiQmdIuZ3WRCSN53w+IPiFSlezhSE4dNo0DwGxJY7cLueUILVmA6fy/ZML1m77jbwdd41rzWeP01yyUEEqF+xqWa/G3L/kD

Source: chromecache_312.2.dr	String found in binary or memory: WF.Component.SocialShare={};WF.Component.SocialShare.Options={"VisibleWidgetItems":["Facebook","Twitter"],"PopupItems":["LinkedIn","email"],"ParameterSharingStyle":"listed","ParametersToShare":["hmc",],"ParametersToNeverShare":["utm_source",],"Shares":{"email":{"Name":{"en":"Email","es":"Correo electrónico"},"ShareUrl":"mailto:?body=EMAIL_BODY&subject=EMAIL_SUBJECT","ImageClass":"email","DataMrktTrackingId":"12b2dcff-4d31-4358-9b5a-2ef159e3e6ae","OldStyleImageClass":"c52email"},"Facebook":{"Name":{"en":"Facebook","es":"Facebook"},"ShareUrl":"http://www.facebook.com/sharer.php?u=(THIS_URL?ss=fb)&t=THIS_HEADER","ImageClass":"facebook","OldStyleImageClass":"c52fb","TrackingCodeShort":"fb","TrackingCodeLong":"facebook","OpenInLightbox":true,"DataMrktTrackingId":"3b21794e-c658-46f4-900f-297d992ea6f9","LightboxUrl":"/exit/social?site=facebook"},"Instagram":{"Name":{"en":"Instagram","es":"Instagram"},"ShareUrl":"/exit/social?site=INSTAGRAM_MAYBE","DataMrktTrackingId":"15b799cb-d9d5-40e4-8be9-087e890bdd0e","ImageClass":"instagram"},"LinkedIn":{"Name":{"en":"LinkedIn","es":"LinkedIn"},"ShareUrl":"http://www.linkedin.com/shareArticle?mini=true&ro=false&url=(THIS_URL?ss=ln)&summary=THIS_TITLE&title=THIS_TITLE&source=","ImageClass":"linkedin","OldStyleImageClass":"c52linkedin","TrackingCodeShort":"ln","DataMrktTrackingId":"63acf149-eab5-49f1-b8f2-2be026ec13ca","TrackingCodeLong":"linkedin"},"Pinterest":{"Name":{"en":"Pinterest","es":"Pinterest"},"ShareUrl":"/exit/social?site=PINTEREST_MAYBE","ImageClass":"pinterest"},"Twitter":{"Name":{"en":"Twitter","es":"Twitter"},"ShareUrl":"http://twitter.com/share?url=(THIS_URL?ss=tw)&text=Discover THIS_HEADER from Wells Fargo - ","ImageClass":"twitter","OldStyleImageClass":"c52twitter","TrackingCodeShort":"tw","TrackingCodeLong":"twitter","DataMrktTrackingId":"415a27d6-dd26-4063-8081-5196399dc4dd","OpenInLightbox":true,"LightboxUrl":"/exit/social?site=twitter"}},"Strings":{"BeginningOfPopup":{"en":"Beginning of popup","es":"Comienzo de ventana emergente"},"EndOfPopup":{"en":"End of popup","es":"Fin de ventana emergente"},"Share":{"en":"Share","es":"Comparta"},"DisclosureHeader":{"en":"Share this page","es":"Comparta esta página"},"DisclosureText":{"en":"Choose a link above. We provide these links to external websites for your convenience. Wells Fargo does not endorse and is not responsible for their content, links, privacy policies, or security policies.","es":"Seleccione uno de los enlaces electrónicos arriba. Para su conveniencia, le proporcionamos estos enlaces electrónicos a sitios de Internet externos. Wells Fargo no avala ni se hace responsable por el contenido, los enlaces electrónicos, las políticas de privacidad o las políticas de seguridad de esos sitios de Internet."},"EmailIntro":{"en":"Hi,\n\nI thought you'd be interested in this page I found on wellsfargo.com: \n\n","es":"Pens equals www.facebook.com (Facebook)
Source: chromecache_312.2.dr	String found in binary or memory: WF.Component.SocialShare={};WF.Component.SocialShare.Options={"VisibleWidgetItems":["Facebook","Twitter"],"PopupItems":["LinkedIn","email"],"ParameterSharingStyle":"listed","ParametersToShare":["hmc",],"ParametersToNeverShare":["utm_source",],"Shares":{"email":{"Name":{"en":"Email","es":"Correo electrónico"},"ShareUrl":"mailto:?body=EMAIL_BODY&subject=EMAIL_SUBJECT","ImageClass":"email","DataMrktTrackingId":"12b2dcff-4d31-4358-9b5a-2ef159e3e6ae","OldStyleImageClass":"c52email"},"Facebook":{"Name":{"en":"Facebook","es":"Facebook"},"ShareUrl":"http://www.facebook.com/sharer.php?u=(THIS_URL?ss=fb)&t=THIS_HEADER","ImageClass":"facebook","OldStyleImageClass":"c52fb","TrackingCodeShort":"fb","TrackingCodeLong":"facebook","OpenInLightbox":true,"DataMrktTrackingId":"3b21794e-c658-46f4-900f-297d992ea6f9","LightboxUrl":"/exit/social?site=facebook"},"Instagram":{"Name":{"en":"Instagram","es":"Instagram"},"ShareUrl":"/exit/social?site=INSTAGRAM_MAYBE","DataMrktTrackingId":"15b799cb-d9d5-40e4-8be9-087e890bdd0e","ImageClass":"instagram"},"LinkedIn":{"Name":{"en":"LinkedIn","es":"LinkedIn"},"ShareUrl":"http://www.linkedin.com/shareArticle?mini=true&ro=false&url=(THIS_URL?ss=ln)&summary=THIS_TITLE&title=THIS_TITLE&source=","ImageClass":"linkedin","OldStyleImageClass":"c52linkedin","TrackingCodeShort":"ln","DataMrktTrackingId":"63acf149-eab5-49f1-b8f2-2be026ec13ca","TrackingCodeLong":"linkedin"},"Pinterest":{"Name":{"en":"Pinterest","es":"Pinterest"},"ShareUrl":"/exit/social?site=PINTEREST_MAYBE","ImageClass":"pinterest"},"Twitter":{"Name":{"en":"Twitter","es":"Twitter"},"ShareUrl":"http://twitter.com/share?url=(THIS_URL?ss=tw)&text=Discover THIS_HEADER from Wells Fargo - ","ImageClass":"twitter","OldStyleImageClass":"c52twitter","TrackingCodeShort":"tw","TrackingCodeLong":"twitter","DataMrktTrackingId":"415a27d6-dd26-4063-8081-5196399dc4dd","OpenInLightbox":true,"LightboxUrl":"/exit/social?site=twitter"}},"Strings":{"BeginningOfPopup":{"en":"Beginning of popup","es":"Comienzo de ventana emergente"},"EndOfPopup":{"en":"End of popup","es":"Fin de ventana emergente"},"Share":{"en":"Share","es":"Comparta"},"DisclosureHeader":{"en":"Share this page","es":"Comparta esta página"},"DisclosureText":{"en":"Choose a link above. We provide these links to external websites for your convenience. Wells Fargo does not endorse and is not responsible for their content, links, privacy policies, or security policies.","es":"Seleccione uno de los enlaces electrónicos arriba. Para su conveniencia, le proporcionamos estos enlaces electrónicos a sitios de Internet externos. Wells Fargo no avala ni se hace responsable por el contenido, los enlaces electrónicos, las políticas de privacidad o las políticas de seguridad de esos sitios de Internet."},"EmailIntro":{"en":"Hi,\n\nI thought you'd be interested in this page I found on wellsfargo.com: \n\n","es":"Pens equals www.linkedin.com (Linkedin)
Source: chromecache_312.2.dr	String found in binary or memory: WF.Component.SocialShare={};WF.Component.SocialShare.Options={"VisibleWidgetItems":["Facebook","Twitter"],"PopupItems":["LinkedIn","email"],"ParameterSharingStyle":"listed","ParametersToShare":["hmc",],"ParametersToNeverShare":["utm_source",],"Shares":{"email":{"Name":{"en":"Email","es":"Correo electrónico"},"ShareUrl":"mailto:?body=EMAIL_BODY&subject=EMAIL_SUBJECT","ImageClass":"email","DataMrktTrackingId":"12b2dcff-4d31-4358-9b5a-2ef159e3e6ae","OldStyleImageClass":"c52email"},"Facebook":{"Name":{"en":"Facebook","es":"Facebook"},"ShareUrl":"http://www.facebook.com/sharer.php?u=(THIS_URL?ss=fb)&t=THIS_HEADER","ImageClass":"facebook","OldStyleImageClass":"c52fb","TrackingCodeShort":"fb","TrackingCodeLong":"facebook","OpenInLightbox":true,"DataMrktTrackingId":"3b21794e-c658-46f4-900f-297d992ea6f9","LightboxUrl":"/exit/social?site=facebook"},"Instagram":{"Name":{"en":"Instagram","es":"Instagram"},"ShareUrl":"/exit/social?site=INSTAGRAM_MAYBE","DataMrktTrackingId":"15b799cb-d9d5-40e4-8be9-087e890bdd0e","ImageClass":"instagram"},"LinkedIn":{"Name":{"en":"LinkedIn","es":"LinkedIn"},"ShareUrl":"http://www.linkedin.com/shareArticle?mini=true&ro=false&url=(THIS_URL?ss=ln)&summary=THIS_TITLE&title=THIS_TITLE&source=","ImageClass":"linkedin","OldStyleImageClass":"c52linkedin","TrackingCodeShort":"ln","DataMrktTrackingId":"63acf149-eab5-49f1-b8f2-2be026ec13ca","TrackingCodeLong":"linkedin"},"Pinterest":{"Name":{"en":"Pinterest","es":"Pinterest"},"ShareUrl":"/exit/social?site=PINTEREST_MAYBE","ImageClass":"pinterest"},"Twitter":{"Name":{"en":"Twitter","es":"Twitter"},"ShareUrl":"http://twitter.com/share?url=(THIS_URL?ss=tw)&text=Discover THIS_HEADER from Wells Fargo - ","ImageClass":"twitter","OldStyleImageClass":"c52twitter","TrackingCodeShort":"tw","TrackingCodeLong":"twitter","DataMrktTrackingId":"415a27d6-dd26-4063-8081-5196399dc4dd","OpenInLightbox":true,"LightboxUrl":"/exit/social?site=twitter"}},"Strings":{"BeginningOfPopup":{"en":"Beginning of popup","es":"Comienzo de ventana emergente"},"EndOfPopup":{"en":"End of popup","es":"Fin de ventana emergente"},"Share":{"en":"Share","es":"Comparta"},"DisclosureHeader":{"en":"Share this page","es":"Comparta esta página"},"DisclosureText":{"en":"Choose a link above. We provide these links to external websites for your convenience. Wells Fargo does not endorse and is not responsible for their content, links, privacy policies, or security policies.","es":"Seleccione uno de los enlaces electrónicos arriba. Para su conveniencia, le proporcionamos estos enlaces electrónicos a sitios de Internet externos. Wells Fargo no avala ni se hace responsable por el contenido, los enlaces electrónicos, las políticas de privacidad o las políticas de seguridad de esos sitios de Internet."},"EmailIntro":{"en":"Hi,\n\nI thought you'd be interested in this page I found on wellsfargo.com: \n\n","es":"Pens equals www.twitter.com (Twitter)
Source: chromecache_325.2.dr	String found in binary or memory: return a;};u.map={};u.extend=[function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/'.toLowerCase()&&b['device_type'].toString().toLowerCase()=='DESKTOP'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())\|\|(b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/'.toLowerCase()&&b['device_type'].toString().toLowerCase()=='TABLET'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())){b['fb_ev_value']='ALL_ALL_PAGE_WFHomepage';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/'.toLowerCase()&&b['device_type'].toString().toLowerCase()=='MOBILE'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())){b['fb_ev_value']='FrontPorchHomePage';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/com/'.toLowerCase()&&b['page_type'].toString().toLowerCase()=='BROWSER'.toLowerCase())){b['fb_ev_value']='ALL_ALL_PAGE_WFCommercialHomepage';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}}];u.send=function(a,b){if(u.ev[a]\|\|u.ev.all!==undefined){utag.DB("send:95");utag.DB(b);var c;u.t="@@";u.i=[];u.p=["//www.facebook.com/tr?id=@@fb_id@@&ev=@@fb_ev_value@@&cd[currency]=USD&cd[value]=0.00&cd[Product]=@@product_code@@&cd[Subproduct]=@@subproduct_code@@&cd[PageID]=@@page_id@@&cd[customer_status]=@@customer_status@@&cd[customer_type]=@@customer_type@@&dpo=LDU&dpoco=0&dpost=0","","","","","","",""];u.delim="";u.cachebust="disabled";u.cachevar=""\|\|"_rnd";for(c=0;c<u.extend.length;c++){try{d=u.extend[c](a,b);if(d==false)return}catch(e){}};if(!b.fb_ev_value)return false;for(c=0;c<u.p.length;c++){if(u.p[c]!=""){var x=u.rp(u.p[c],b);if(x!=""){if(u.cachebust=="enabled"&&x.indexOf(u.cachevar)<0){if(x.indexOf("?")<0){u.delim="?";}else{u.delim="&";} equals www.facebook.com (Facebook)
Source: chromecache_522.2.dr	String found in binary or memory: return a;};u.map={};u.extend=[function(a,b){try{if((b['customer_type'].toString().toLowerCase()=='BOB'.toLowerCase()&&b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase())){b['fb_id']='1578146899100389';b['fb_ev_value']='ALL_ALL_Page_LoginApp_BOB'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['customer_type'].toString().toLowerCase()=='COB'.toLowerCase()&&b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase())){b['fb_id']='1578146899100389';b['fb_ev_value']='ALL_ALL_Page_LoginApp_COB'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['customer_type'].toString().toLowerCase()=='TPB'.toLowerCase()&&b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase())){b['fb_id']='1578146899100389';b['fb_ev_value']='ALL_ALL_Page_LoginApp_TPB'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['customer_type'].toString().toLowerCase()=='WFA'.toLowerCase()&&b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase())\|\|(b['customer_type'].toString().toLowerCase()=='PCG'.toLowerCase()&&b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase())){b['fb_id']='1578146899100389';b['fb_ev_value']='ALL_ALL_Page_LoginApp_WFA'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase()&&b['page_id'].toString().toLowerCase()=='SUREPAY_LOGIN'.toLowerCase())){b['fb_id']='1578146899100389';b['fb_ev_value']='online_banking_zelle_signon_pageload'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase()&&b['page_id'].toString().toLowerCase()=='SERVICETYPE_LOGIN'.toLowerCase())){b['fb_id']='1578146899100389';b['fb_ev_value']='DPG_Security_Thematic_Secure_LogIn_FB_PageView'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase()&&b['page_id'].toString().toLowerCase()=='SERVICETYPE_LOGIN'.toLowerCase()&&b['dom.query_string'].toString().toLowerCase().indexOf('serviceType=ZelleHub'.toLowerCase())>-1)){b['fb_id']='1578146899100389';b['fb_ev_value']='online_banking_zelle_signon_pageload'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase()&&b['page_id'].toString().toLowerCase()=='SERVICETYPE_LOGIN'.toLowerCase()&&b['dom.query_string'].toString().toLowerCase().indexOf('serviceType=makeTransfer'.toLowerCase())>-1)){b['fb_id']='1578146899100389';b['fb_ev_value']='CSBB_Transfer_Secure_Login_PageView'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase()&&b['page_id'].toString().toLowerCase()=='SERVICETYPE_LOGIN'.toLowerCase()&&b['dom.query_string'].toString().toLowerCase().indexOf('serviceType=CONTROL_TOWER'.toLowerCase())>-1)){b['fb_id']='1578146899100389';b['fb_ev_value']='CSBB_ControlTower_Secure_Login_PageView'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='loginapp'.toLowerCase()&&b['page_id'].toString().toLowerCase()=='SERVICETYPE_LOGIN'.toLowerCase()&&b['dom.
Source: chromecache_406.2.dr	String found in binary or memory: try{(function(id,loader,u){try{u=utag.o[loader].sender[id]={}}catch(e){u=utag.sender[id]};u.ev={'view':1};u.t='@@',u.i=[],u.p=["//www.facebook.com/tr?id=@@fb_id@@&ev=@@fb_ev_value@@&cd[currency]=USD&cd[value]=0.00&cd[Product]=@@product_code@@&cd[Subproduct]=@@subproduct_code@@&cd[PageID]=@@page_id@@&cd[CustomerType]=@@customer_type@@&cd[CustomerStatus]=@@customer_status@@&dpo=LDU&dpoco=0&dpost=0","","","","","","",""];u.cachebust="enabled";u.cachevar=""\|\|"_rnd";u.map={};u.extend=[function(a,b){try{if(b['canonical_page_url'].toString().toLowerCase()=='/savings-cds/'.toLowerCase()\|\|b['canonical_page_url'].toString().toLowerCase()=='/checking/'.toLowerCase()){b['fb_ev_value']='PageView';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/mortgage/buying-a-house/'.toLowerCase())){b['fb_ev_value']='MTG_C_Page_Mortage_BuyingAHouseStart';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/mortgage/'.toLowerCase())){b['fb_ev_value']='MTG_Mortgage_Homepage';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}},function(a,b){try{if((b['app_id'].toString().toLowerCase()=='WWW'.toLowerCase()&&b['canonical_page_url'].toString().toLowerCase()=='/es/mortgage/'.toLowerCase())){b['fb_ev_value']='MTG_ALL_Page_Mortgage_SpanishHome';b['fb_id']='1578146899100389'}}catch(e){utag.DB(e);}}];u.send=function(a,b,c,d,e,f){if(u.ev[a]){for(c=0;c<u.extend.length;c++){try{d=u.extend[c](a,b);if(d==false)return}catch(e){}};if(!b.fb_ev_value)return false;for(c=0;c<u.p.length;c++){if(u.p[c]!=""){var x=u.rp(u.p[c],b);if(x!=""){if(u.cachebust=="enabled"&&x.indexOf("_rnd")<0){x+="&"+u.cachevar+"="+Math.random();} equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: www.wellsfargo.com

Source: unknown

HTTP traffic detected: POST /event?d_dil_ver=9.5&_ts=1711631938588 HTTP/1.1Host: wellsfargobankna.demdex.netConnection: keep-aliveContent-Length: 429sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://www.wellsfargo.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.wellsfargo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=33955380241426191774167127150413392378

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: da61659a-abde-48a3-9419-2c57a11180c1vary: Origindate: Thu, 28 Mar 2024 13:19:08 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: f134fe53-5091-456a-be12-2dea853e8e15vary: Origindate: Thu, 28 Mar 2024 13:19:10 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 317314e2-8dae-44f3-9162-d4a17bf67080vary: Origindate: Thu, 28 Mar 2024 13:19:10 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 5afea92c-2d16-47bb-bad5-3f8c2691ab16vary: Origindate: Thu, 28 Mar 2024 13:19:10 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 900cd0b2-1c9d-47f7-a525-63111b62e5d0vary: Origindate: Thu, 28 Mar 2024 13:19:10 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: f2e33ec7-add7-4d65-bbc5-35397cba5374vary: Origindate: Thu, 28 Mar 2024 13:19:11 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 8acba3f7-0ecc-4bd9-9f1e-c9ed2fbea068vary: Origindate: Thu, 28 Mar 2024 13:19:10 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 70366921-0956-4540-aa73-5cb5ec2194d8vary: Origindate: Thu, 28 Mar 2024 13:19:10 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: c40b8a92-02fa-456b-ae31-ce3345e2ea42vary: Origindate: Thu, 28 Mar 2024 13:19:24 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 2aba2bf0-2f1f-4c0d-856d-97df1acdd718vary: Origindate: Thu, 28 Mar 2024 13:19:25 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: f9ab8551-492e-489e-9017-87923a423d5dvary: Origindate: Thu, 28 Mar 2024 13:19:28 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 91ec6c7c-8196-4547-aa93-aae7a0c3b322vary: Origindate: Thu, 28 Mar 2024 13:19:27 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 7d57ee8f-2442-4298-8218-7b4c8f4a5dd2vary: Origindate: Thu, 28 Mar 2024 13:19:43 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 097b5d70-c89b-4f9f-a889-04c866fba6b7vary: Origindate: Thu, 28 Mar 2024 13:19:43 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: f9969528-fe00-4a85-9056-cebe4b4a3f85vary: Origindate: Thu, 28 Mar 2024 13:19:45 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 82f6936a-61e1-4489-83e1-f802151ff0cdvary: Origindate: Thu, 28 Mar 2024 13:19:44 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: b482a243-3b29-434a-81f1-7ba1202c8c7cvary: Origindate: Thu, 28 Mar 2024 13:20:00 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: a6d541f2-f16a-487d-a378-34648a735afevary: Origindate: Thu, 28 Mar 2024 13:20:01 GMTx-konductor: N/Ax-adobe-edge: VA6;7server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close

Source: chromecache_475.2.dr, chromecache_621.2.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_326.2.dr	String found in binary or memory: http://cdn.appdynamics.com
Source: chromecache_436.2.dr, chromecache_480.2.dr	String found in binary or memory: http://code.google.com/p/episodes/
Source: chromecache_326.2.dr	String found in binary or memory: http://col.eum-appdynamics.com
Source: chromecache_475.2.dr, chromecache_621.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_621.2.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_436.2.dr, chromecache_480.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_297.2.dr, chromecache_316.2.dr	String found in binary or memory: http://www.bohemiancoding.com/sketch
Source: chromecache_567.2.dr, chromecache_720.2.dr	String found in binary or memory: http://www.glassboxdigital.com
Source: chromecache_524.2.dr	String found in binary or memory: https://)(www.)?(onlinemyaccounts.com
Source: chromecache_506.2.dr	String found in binary or memory: https://aetna.schemaapp.com/
Source: chromecache_311.2.dr, chromecache_265.2.dr, chromecache_325.2.dr, chromecache_389.2.dr	String found in binary or memory: https://api.rlcdn.com/api/identity/idl?pid=1317
Source: chromecache_298.2.dr	String found in binary or memory: https://apply.wellsfargo.com/banker
Source: chromecache_311.2.dr	String found in binary or memory: https://appointments.wellsfargo.com/maa/appointment/
Source: chromecache_311.2.dr	String found in binary or memory: https://businesscard.wellsfargorewards.com/ui-wf/#/rewardspoints
Source: chromecache_326.2.dr	String found in binary or memory: https://cdn.appdynamics.com
Source: chromecache_311.2.dr, chromecache_265.2.dr	String found in binary or memory: https://cdn.schemaapp.com/javascript/
Source: chromecache_695.2.dr, chromecache_341.2.dr, chromecache_325.2.dr	String found in binary or memory: https://cm.g.doubleclick.net/pixel?google_nid=wellsfargo_adh&google_hm=
Source: chromecache_699.2.dr, chromecache_524.2.dr	String found in binary or memory: https://cobrowse-wellsfargo.digital.nuance.com
Source: chromecache_326.2.dr	String found in binary or memory: https://col.eum-appdynamics.com
Source: chromecache_488.2.dr	String found in binary or memory: https://connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/sync/js/
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	String found in binary or memory: https://connect.secure.wellsfargo.com/accounts/start
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	String found in binary or memory: https://connect.secure.wellsfargo.com/services/wallet
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_443.2.dr, chromecache_416.2.dr, chromecache_435.2.dr, chromecache_349.2.dr, chromecache_560.2.dr, chromecache_513.2.dr, chromecache_390.2.dr, chromecache_570.2.dr, chromecache_492.2.dr, chromecache_527.2.dr, chromecache_704.2.dr	String found in binary or memory: https://connect.secure.wellsfargo.com/transferandpay/billpay/
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	String found in binary or memory: https://connect.secure.wellsfargo.com/transferandpay/p2p/home
Source: chromecache_311.2.dr	String found in binary or memory: https://consumercard.wellsfargorewards.com/#/tnc/tc006
Source: chromecache_334.2.dr	String found in binary or memory: https://ct.pinterest.com/v3/?tid=
Source: chromecache_506.2.dr	String found in binary or memory: https://data.schemaapp.com/
Source: chromecache_506.2.dr	String found in binary or memory: https://datatst.schemaapp.com/
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://developer.sec.wellsfargo.com/portal/documentation;https://developer.removesec.wellsfargo.com
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://developer.sec.wellsfargo.com/portal/myapps;https://developer.sec.wellsfargo.com/products;htt
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://developer.wellsfargo.com/;https://developer.wellsfargo.com/login;https://developer.wellsfarg
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://developer.wellsfargo.com/case-studies;https://developer.wellsfargo.com/all-products;https://
Source: chromecache_311.2.dr	String found in binary or memory: https://featuredemos.wf.com
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://feedback.digital-cloud-prem.medallia.com/
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://feedback.digital-cloud-prem.medallia.com/feedback/api/v2/feedback/submit
Source: chromecache_607.2.dr, chromecache_343.2.dr, chromecache_325.2.dr, chromecache_548.2.dr	String found in binary or memory: https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report
Source: chromecache_475.2.dr, chromecache_621.2.dr	String found in binary or memory: https://github.com/jquery/jquery-color
Source: chromecache_269.2.dr, chromecache_633.2.dr, chromecache_664.2.dr, chromecache_493.2.dr, chromecache_461.2.dr, chromecache_617.2.dr, chromecache_379.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_269.2.dr, chromecache_493.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.21.1/LICENSE
Source: chromecache_379.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.24.1/LICENSE
Source: chromecache_617.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.30.1/LICENSE
Source: chromecache_633.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.32.0/LICENSE
Source: chromecache_664.2.dr, chromecache_461.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.36.0/LICENSE
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	String found in binary or memory: https://icomplete.wellsfargo.com/oas/status/appl/pages/payroll-documentation
Source: chromecache_311.2.dr	String found in binary or memory: https://icomplete.wellsfargo.com/oas/status/personal-loans-rate-checker/getting-started/
Source: chromecache_657.2.dr	String found in binary or memory: https://iframe.arkoselabs.com
Source: chromecache_657.2.dr	String found in binary or memory: https://iframe.arkoselabs.com/$
Source: chromecache_311.2.dr	String found in binary or memory: https://images.cardlytics.com/?http://prehealthcheck.cardlytics.com&ot=f8h4ecv982xg5n1mfi5k&xt=
Source: chromecache_612.2.dr	String found in binary or memory: https://itunes.apple.com/us/app/wells-fargo-mobile/id311548709?mt=8
Source: chromecache_699.2.dr, chromecache_524.2.dr	String found in binary or memory: https://m.wfawellstrade.wellsfargo.com/resources/bmw/html/chat/nuanceChat-wf.html
Source: chromecache_699.2.dr, chromecache_524.2.dr, chromecache_459.2.dr, chromecache_414.2.dr	String found in binary or memory: https://media-wf1.digital.nuance.com
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	String found in binary or memory: https://oam.wellsfargo.com/oamo/identity
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	String found in binary or memory: https://oam.wellsfargo.com/oamo/identity/enrollment
Source: chromecache_569.2.dr	String found in binary or memory: https://pdx-col.eum-appdynamics.com
Source: chromecache_667.2.dr, chromecache_612.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.wf.wellsfargomobile
Source: chromecache_502.2.dr	String found in binary or memory: https://products.gobankingrates.com/p/
Source: chromecache_603.2.dr	String found in binary or memory: https://pubads.g.doubleclick.net/activity;xsp=
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/2712/formDataV2_171144411022
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/2714/formDataV2_171144411133
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/2818/formDataV2_171144411168
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/3456/formDataV2_171144410711
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/3457/formDataV2_171144413212
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/3458/formDataV2_171144413168
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/4371/formDataV2_171144411168
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/4372/formDataV2_171144410621
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/4373/formDataV2_171144410775
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/4374/formDataV2_171144411293
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/4435/formDataV2_171144411604
Source: chromecache_355.2.dr, chromecache_553.2.dr	String found in binary or memory: https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
Source: chromecache_339.2.dr	String found in binary or memory: https://rtd-tm.everesttech.net/upi/?sid=
Source: chromecache_607.2.dr, chromecache_343.2.dr, chromecache_325.2.dr, chromecache_548.2.dr	String found in binary or memory: https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report
Source: chromecache_728.2.dr	String found in binary or memory: https://s.amazon-adsystem.com/iu3?pid=a9def04f-edd6-4cf4-94d3-d81bf2b33116&event=
Source: chromecache_699.2.dr, chromecache_524.2.dr	String found in binary or memory: https://static.wellsfargo.com/assets/js/wfui/ndep/nuanceChat-wf.html
Source: chromecache_675.2.dr, chromecache_325.2.dr, chromecache_666.2.dr	String found in binary or memory: https://static.wellsfargo.com/tracking/alloy/alloy.js
Source: chromecache_607.2.dr, chromecache_343.2.dr, chromecache_325.2.dr, chromecache_548.2.dr	String found in binary or memory: https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Source: chromecache_325.2.dr	String found in binary or memory: https://static.wellsfargo.com/tracking/hp/utag.js
Source: chromecache_265.2.dr	String found in binary or memory: https://static.wellsfargo.com/tracking/public-site/utag.js
Source: chromecache_718.2.dr, chromecache_451.2.dr, chromecache_325.2.dr	String found in binary or memory: https://static.wellsfargo.com/tracking/ytc/ytc.js
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://ubt-lb.digital-cloud-prem.medallia.com
Source: chromecache_459.2.dr	String found in binary or memory: https://wellsfargo.digital.nuance.com
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://wellsoffice.ceo.wellsfargo.com/portal/signon/index.jsp;https://wellsoffice.ceo.wellsfargo.co
Source: chromecache_687.2.dr, chromecache_623.2.dr	String found in binary or memory: https://wellsofficesit.ceo.wellsfargo.com/portal/signon/index.jsp;https://wellsofficesit.ceo.wellsfa
Source: chromecache_311.2.dr	String found in binary or memory: https://wholesalebank.wf.com/contact-us-form?
Source: chromecache_699.2.dr, chromecache_524.2.dr	String found in binary or memory: https://www.wellsfargo.com/?siteID=10006005&chatID=
Source: chromecache_722.2.dr	String found in binary or memory: https://www.wellsfargo.com/Clickthrough&RequestType=Click&COID=
Source: chromecache_699.2.dr, chromecache_524.2.dr	String found in binary or memory: https://www.wellsfargo.com/mortgage/
Source: chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	String found in binary or memory: https://www.wellsfargo.com/mortgage/apply/application-unavailable
Source: chromecache_311.2.dr	String found in binary or memory: https://www.wfhmconsumerevents.com/aspx/events/selecteventbygroup.aspx?group=lift&event=2
Source: chromecache_312.2.dr	String found in binary or memory: https://www17.wellsfargomedia.com
Source: chromecache_655.2.dr	String found in binary or memory: https://www17.wellsfargomedia.com/assets/images/css/about/caret.gif)
Source: chromecache_655.2.dr	String found in binary or memory: https://www17.wellsfargomedia.com/assets/images/css/template/icon-mail-gray.png
Source: chromecache_655.2.dr	String found in binary or memory: https://www17.wellsfargomedia.com/assets/images/css/template/social_share_minus.png
Source: chromecache_693.2.dr	String found in binary or memory: https://www17.wellsfargomedia.com/assets/images/locator/messaging-icon-alert-24x24.svg
Source: chromecache_693.2.dr	String found in binary or memory: https://www17.wellsfargomedia.com/assets/images/locator/messaging-icon-informational-24x24.svg

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50614
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50618
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50731
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50475 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 50635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50622
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50503
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50627
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50505
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50507
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50742
Source: unknown	Network traffic detected: HTTP traffic on port 50486 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50646 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50543 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50513
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50515
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50636
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50635
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50516
Source: unknown	Network traffic detected: HTTP traffic on port 50657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50519
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50464 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50630
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50402
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50644
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50647
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50404
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50646
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50649
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50527
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50401
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50400
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50521
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50347 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50622 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50702
Source: unknown	Network traffic detected: HTTP traffic on port 50656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50705
Source: unknown	Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50708
Source: unknown	Network traffic detected: HTTP traffic on port 50258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50709
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50713
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50715
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50716
Source: unknown	Network traffic detected: HTTP traffic on port 50672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50429 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50719
Source: unknown	Network traffic detected: HTTP traffic on port 50259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50718
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50723
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50607
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50606
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50727
Source: unknown	Network traffic detected: HTTP traffic on port 50188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 50644 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50458
Source: unknown	Network traffic detected: HTTP traffic on port 50684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50443 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50457
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50699
Source: unknown	Network traffic detected: HTTP traffic on port 50254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50459
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50219
Source: unknown	Network traffic detected: HTTP traffic on port 50546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50450
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50331
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50452
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50333
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50696
Source: unknown	Network traffic detected: HTTP traffic on port 50202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50466 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50334
Source: unknown	Network traffic detected: HTTP traffic on port 50712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50469
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50347
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown	Network traffic detected: HTTP traffic on port 50505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50461
Source: unknown	Network traffic detected: HTTP traffic on port 50723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50465
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50464
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50224
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50466
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50587
Source: unknown	Network traffic detected: HTTP traffic on port 50673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50238
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50237
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50479
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50239
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50472
Source: unknown	Network traffic detected: HTTP traffic on port 50317 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50471
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50232
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50476
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50233
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50475
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50598
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50481
Source: unknown	Network traffic detected: HTTP traffic on port 50431 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50249
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 50255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50442 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50240
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50245
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50244
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50486
Source: unknown	Network traffic detected: HTTP traffic on port 50224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50246
Source: unknown	Network traffic detected: HTTP traffic on port 50696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50250
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50492
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50491
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50656
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50534
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50537
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50415
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50659
Source: unknown	Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50650
Source: unknown	Network traffic detected: HTTP traffic on port 50244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50531
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50652
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50651
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50533
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50532
Source: unknown	Network traffic detected: HTTP traffic on port 50513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50425
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50424
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50548
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50426
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50668
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50429
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50661
Source: unknown	Network traffic detected: HTTP traffic on port 50702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50660
Source: unknown	Network traffic detected: HTTP traffic on port 50201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50300
Source: unknown	Network traffic detected: HTTP traffic on port 50465 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50663
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50420
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50423
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50544
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50665
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50543
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50664
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50663 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50476 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50436
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50678
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50317
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50438
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50437
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50679
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50551
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50432
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50431
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50552
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50673
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50434
Source: unknown	Network traffic detected: HTTP traffic on port 50630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50675
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50205
Source: unknown	Network traffic detected: HTTP traffic on port 50503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50325
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50449
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50681
Source: unknown	Network traffic detected: HTTP traffic on port 50245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50442
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50203
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50445
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50323
Source: unknown	Network traffic detected: HTTP traffic on port 50432 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50297
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50184
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50183
Source: unknown	Network traffic detected: HTTP traffic on port 50389 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50400 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50423 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50188
Source: unknown	Network traffic detected: HTTP traffic on port 50377 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50187
Source: unknown	Network traffic detected: HTTP traffic on port 50331 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50469 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50434 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50445 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 50708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50390 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 50699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 50458 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50492 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50297 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 50481 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 50665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50259
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50424 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50493
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50254
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50495
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50377
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50255
Source: unknown	Network traffic detected: HTTP traffic on port 50651 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown	Network traffic detected: HTTP traffic on port 50731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50260
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50479 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown	Network traffic detected: HTTP traffic on port 50391 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50143
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50389
Source: unknown	Network traffic detected: HTTP traffic on port 50516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50391
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50390
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50155
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50398
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50159
Source: unknown	Network traffic detected: HTTP traffic on port 50182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50161
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50282
Source: unknown	Network traffic detected: HTTP traffic on port 50666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50164
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50163

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49766 version: TLS 1.2

Source: classification engine

Classification label: sus22.phis.win@26/741@180/53

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2024,i,13790965430040798669,7551964596815697510,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.wellsfargo.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2024,i,13790965430040798669,7551964596815697510,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://www.wellsfargo.com/	0%	Avira URL Cloud	safe
https://www.wellsfargo.com/	0%	Virustotal		Browse

Source	Detection	Scanner	Link
medallia2.map.fastly.net	0%	Virustotal	Browse
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse
dualstack.tls13.taboola.map.fastly.net	0%	Virustotal	Browse
col.eum-appdynamics.com	0%	Virustotal	Browse
edge.gycpi.b.yahoodns.net	0%	Virustotal	Browse
adobedc.net.ssl.sc.omtrdc.net	0%	Virustotal	Browse
c1.wfinterface.com	0%	Virustotal	Browse
service.maxymiser.net	0%	Virustotal	Browse
ats-eks.us-east-1.dcs-online-targeting-prd.aws.oath.cloud	0%	Virustotal	Browse
demdex.net.ssl.sc.omtrdc.net	0%	Virustotal	Browse
edge.adobedc.net	0%	Virustotal	Browse
pdx-col.eum-appdynamics.com	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://edge.adobedc.net/ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=c40b8a92-02fa-456b-ae31-ce3345e2ea42	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M50	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M51	0%	Avira URL Cloud	safe
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=82f6936a-61e1-4489-83e1-f802151ff0cd	0%	Avira URL Cloud	safe
https://edge.adobedc.net/ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=7d57ee8f-2442-4298-8218-7b4c8f4a5dd2	0%	Avira URL Cloud	safe
https://edge.adobedc.net/ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f9ab8551-492e-489e-9017-87923a423d5d	0%	Avira URL Cloud	safe
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=2aba2bf0-2f1f-4c0d-856d-97df1acdd718	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M50	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M51	0%	Avira URL Cloud	safe
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=a6d541f2-f16a-487d-a378-34648a735afe	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PYY/adrum	0%	Avira URL Cloud	safe
https://)(www.)?(onlinemyaccounts.com	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum	0%	Virustotal		Browse
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=8acba3f7-0ecc-4bd9-9f1e-c9ed2fbea068	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com	0%	Avira URL Cloud	safe
http://col.eum-appdynamics.com	0%	Virustotal		Browse
http://col.eum-appdynamics.com	0%	Avira URL Cloud	safe
https://pdx-col.eum-appdynamics.com	0%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
dart.l.doubleclick.net	172.253.63.149	true	false		high
col.eum-appdynamics.com	35.163.101.91	true	false	0%, Virustotal, Browse	unknown
adservice.google.com	142.251.163.155	true	false		high
d20qwf0wrdtevy.cloudfront.net	18.165.98.81	true	false		high
fp2e7a.wpc.phicdn.net	192.229.211.108	true	false	0%, Virustotal, Browse	unknown
stats.g.doubleclick.net	172.253.62.154	true	false		high
dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com	52.45.39.174	true	false		high
idsync.rlcdn.com	35.244.154.8	true	false		high
dualstack.tls13.taboola.map.fastly.net	151.101.65.44	true	false	0%, Virustotal, Browse	unknown
api.rlcdn.com	34.107.165.188	true	false		high
cm.g.doubleclick.net	142.250.31.156	true	false		high
www.google.com	142.251.16.147	true	false		high
demdex.net.ssl.sc.omtrdc.net	63.140.39.130	true	false	0%, Virustotal, Browse	unknown
medallia2.map.fastly.net	146.75.29.230	true	false	0%, Virustotal, Browse	unknown
star-mini.c10r.facebook.com	31.13.66.35	true	false		high
fcmatch.youtube.com	172.253.63.139	true	false		high
ad.doubleclick.net	142.250.31.148	true	false		high
s.amazon-adsystem.com	52.46.155.104	true	false		high
d3nidttaq34fka.cloudfront.net	18.160.18.39	true	false		high
wf-prod-reports-961680909.us-east-1.elb.amazonaws.com	44.213.50.195	true	false		high
googleads.g.doubleclick.net	142.251.16.157	true	false		high
adobedc.net.ssl.sc.omtrdc.net	63.140.39.65	true	false	0%, Virustotal, Browse	unknown
fcmatch.google.com	172.253.122.113	true	false		high
ats-eks.us-east-1.dcs-online-targeting-prd.aws.oath.cloud	34.200.65.202	true	false	0%, Virustotal, Browse	unknown
edge.gycpi.b.yahoodns.net	69.147.92.11	true	false	0%, Virustotal, Browse	unknown
cooladata.kampyle.com	35.241.45.82	true	false		high
d2unjxrejkh6j9.cloudfront.net	13.32.208.32	true	false		high
www17.wellsfargomedia.com	unknown	unknown	false		high
pdx-col.eum-appdynamics.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
resources.digital-cloud-prem.medallia.com	unknown	unknown	false		high
ups.analytics.yahoo.com	unknown	unknown	false		high
cm.everesttech.net	unknown	unknown	false		high
www.wellsfargo.com	unknown	unknown	false		high
gbxreport-prod.wf.com	unknown	unknown	false		high
connect.secure.wellsfargo.com	unknown	unknown	false		high
udc-neb.kampyle.com	unknown	unknown	false		high
media-wf1.digital.nuance.com	unknown	unknown	false		high
service.maxymiser.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
wellsfargo.digital.nuance.com	unknown	unknown	false		high
ort.wellsfargo.com	unknown	unknown	false		high
adobedc.demdex.net	unknown	unknown	false		high
dpm.demdex.net	unknown	unknown	false		high
aa.agkn.com	unknown	unknown	false		high
www15.wellsfargomedia.com	unknown	unknown	false		high
data.schemaapp.com	unknown	unknown	false		high
www10.wellsfargomedia.com	unknown	unknown	false		high
rtd-tm.everesttech.net	unknown	unknown	false		high
www.facebook.com	unknown	unknown	false		high
trc.taboola.com	unknown	unknown	false		high
c1.wfinterface.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
2549153.fls.doubleclick.net	unknown	unknown	false		high
s.yimg.com	unknown	unknown	false		high
static.wellsfargo.com	unknown	unknown	false		high
tag-wellsfargo.digital.nuance.com	unknown	unknown	false		high
cms.analytics.yahoo.com	unknown	unknown	false		high
edge.adobedc.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
rubicon.wellsfargo.com	unknown	unknown	false		high
cdn.schemaapp.com	unknown	unknown	false		high
wellsfargobankna.demdex.net	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.schemaapp.com/highlighter/prod/WellsFargo/v2/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20	false		high
https://dpm.demdex.net/ibs:dpid=21&dpuuid=213680604835005188846	false		high
https://adservice.google.com/ddm/fls/z/dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=*;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F	false		high
https://edge.adobedc.net/ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=c40b8a92-02fa-456b-ae31-ce3345e2ea42	false	Avira URL Cloud: safe	unknown
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M50	false	Avira URL Cloud: safe	unknown
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PYY&msg=Assert%20fail%3A%20M51	false	Avira URL Cloud: safe	unknown
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=82f6936a-61e1-4489-83e1-f802151ff0cd	false	Avira URL Cloud: safe	unknown
https://idsync.rlcdn.com/365868.gif?partner_uid=33955380241426191774167127150413392378	false		high
https://edge.adobedc.net/ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=7d57ee8f-2442-4298-8218-7b4c8f4a5dd2	false	Avira URL Cloud: safe	unknown
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=2&cfg=fc5c7ded&pv=2&aid=	false		high
https://adservice.google.com/ddm/fls/z/dc_pre=CNn08IKGl4UDFSgVdgYdKtkJ0A;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=*;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F	false		high
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQ3VlbnRhcyBkZSBjaGVxdWVzOiBhYnJhIHVuYSBjdWVudGEgcG9yIEludGVybmV0IGhveSBtaXNtbyB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vZXMvY2hlY2tpbmcvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzIwMDI1ODMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2VzL2NoZWNraW5nLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0MzhkLTBhNTItZjQ2NC04MWM1LWUyOGUtZTkwYS1jZjc5LTEzNTUiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMjAwMjU4MSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzMDYxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41My4xIiwib25zaXRlX3ZlcnNpb24iOiAiMi41My4xIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNzExNjMyMDAyNTgzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi41My40XzIwMjMxMjE5MjI0MTAwIn0KXX0=	false		high
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQWJvdXQgV2VsbHMgRmFyZ28iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy53ZWxsc2ZhcmdvLmNvbS9hYm91dC8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTcxMTYzMTk2NzM2MyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDEsInVzZXJfaWQiOiAiMThlODUzNzIwZTFhOS0wOTc3MWE4OTZiYjE2Yy0yNjAzMWU1MS0xNDAwMDAtMThlODUzNzIwZTMyZjgiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vYWJvdXQvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjQzOGQtMGE1Mi1mNDY0LTgxYzUtZTI4ZS1lOTBhLWNmNzktMTM1NSIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzExNjMxOTY3MzYwIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjczNjMsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ==	false		high
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=a77f2f58-57ce-4d1c-8339-460310ea325a&sn=1&cfg&pv=2&aid=	false		high
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiQWJvdXQgV2VsbHMgRmFyZ28iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy53ZWxsc2ZhcmdvLmNvbS9hYm91dC8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTE2MzE5NjczNTQiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4ZTg1MzcyMGUxYTktMDk3NzFhODk2YmIxNmMtMjYwMzFlNTEtMTQwMDAwLTE4ZTg1MzcyMGUzMmY4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHBzOi8vd3d3LndlbGxzZmFyZ28uY29tL2Fib3V0LyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0MzhkLTBhNTItZjQ2NC04MWM1LWUyOGUtZTkwYS1jZjc5LTEzNTUiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxMTYzMTk2NzA3MiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9yZXNvdXJjZXMuZGlnaXRhbC1jbG91ZC1wcmVtLm1lZGFsbGlhLmNvbS93ZGN1c3ByZW0vNTc5MDcvb25zaXRlL29uc2l0ZURhdGEuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC40OH19LCJjb29raWVfc2l6ZSI6IDMwMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTE2MzE5NjczNTQsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjUzLjRfMjAyMzEyMTkyMjQxMDAifQpdfQ==	false		high
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=1&cfg=201c2b80&pv=2&aid=	false		high
https://2549153.fls.doubleclick.net/activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F?	false		high
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=45f46bb8-25cb-4b71-83f6-d999b86f87f4&sn=3&cfg=fc5c7ded&pv=2&aid=	false		high
https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F?	false		high
https://2549153.fls.doubleclick.net/activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F?	false		high
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1711631950134&cv=9&fst=1711631950134&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1	false		high
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=403a3102-6806-4b08-ba29-c8d2c2b3d153&sn=2&cfg=fc5c7ded&pv=2&aid=	false		high
https://wellsfargobankna.demdex.net/dest5.html?d_nsid=0	false		high
https://adobedc.demdex.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=da61659a-abde-48a3-9419-2c57a11180c1	false		high
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=9fa406fb-8541-4a53-bdc9-8d711b8258a5&sn=6&cfg=201c2b80&pv=2&aid=	false		high
https://tag-wellsfargo.digital.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005	false		high
https://fcmatch.google.com/pixel?google_gm=AMnCDooB--uE3qqwM60W-aFIvHRoCOUhU6Ul6HroemNjvvKfJVwxfqQOG2V4li17-b9TX64bRRCx9kEPSj-5RJKKu2ZKwmFKSFf6TCRlcnlLlDJOmPbZ5BU	false		high
https://dpm.demdex.net/ibs:dpid=477&dpuuid=bf3583479cfa2b30b4765233abf108d3347eb75cc59033dc0445efe44ff670a9b0da87c991749652	false		high
https://www.google.com/pagead/1p-user-list/984436569/?random=1711631950134&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&cid=CAQSKQB7FLtqM5DLuAhk7bpblogvOuSpfhIyx29EWpc_8gvuaFbCRK6Erxyt&random=2498095841&resp=GooglemKTybQhCsO	false		high
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZgVuWQAAA9eF_wAm&d_uuid=33955380241426191774167127150413392378	false		high
https://data.schemaapp.com/WellsFargo/aHR0cHM6Ly93d3cud2VsbHNmYXJnby5jb20vYWJvdXQv	false		high
https://s.yimg.com/wi/config/.json	false		high
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=375E6F2E0D8F6B9C2CEB7C8E098F6DFE	false		high
https://2549153.fls.doubleclick.net/activityi;dc_pre=CNn08IKGl4UDFSgVdgYdKtkJ0A;src=2549153;type=allv40;cat=all_a00;ord=3224774758673;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2F?	false		high
https://edge.adobedc.net/ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f9ab8551-492e-489e-9017-87923a423d5d	false	Avira URL Cloud: safe	unknown
https://fcmatch.google.com/pixel?google_gm=AMnCDoqLmwev_v-dJR_RIm72duWb2y5tEqtm9i_436YxdwOxcVKacGuMPfkTZpOD_GyNbJGCvB4JpMmyKKgrCnYTxDxmc2WCHepVzjCY_rGduhqxSXWQvxA	false		high
https://fcmatch.google.com/pixel?google_gm=AMnCDoppDmysQ0EwfuNyQisMDHjame1guHW2IIS6dxbAtlz8vxAtRDbqlIDtd545bq7TMCLXhLhdtkZoEea-6Rnwh-iv5AqzvhNWr7G3wxfANPyDUkwwgNk	false		high
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1711631950119&cv=9&fst=1711631950119&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1	false		high
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=2aba2bf0-2f1f-4c0d-856d-97df1acdd718	false	Avira URL Cloud: safe	unknown
https://wellsfargo.digital.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1710907168986	false		high
https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0	false		high
https://2549153.fls.doubleclick.net/activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?	false		high
https://wellsfargobankna.demdex.net/event?c_app_id=WWW&c_page_type=BROWSER&c_page_id=locator&c_customer_type=&c_customer_status=n&c_product_code=&c_subproduct_code=&c_offer_id=&c_event_type=load&c_referrer=&d_cid=113287%011120240328061851126288949&c_sub_channel=&c_vendor_code=&c_offertype=	false		high
https://2549153.fls.doubleclick.net/activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?	false		high
https://2549153.fls.doubleclick.net/activityi;dc_pre=CJeLjfOFl4UDFd0VdgYdAnwNgA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?	false		high
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M50	false	Avira URL Cloud: safe	unknown
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZD&msg=Assert%20fail%3A%20M51	false	Avira URL Cloud: safe	unknown
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqLmwev_v-dJR_RIm72duWb2y5tEqtm9i_436YxdwOxcVKacGuMPfkTZpOD_GyNbJGCvB4JpMmyKKgrCnYTxDxmc2WCHepVzjCY_rGduhqxSXWQvxA	false		high
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=a6d541f2-f16a-487d-a378-34648a735afe	false	Avira URL Cloud: safe	unknown
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F?	false		high
https://www.google.com/pagead/1p-user-list/984436569/?random=1711631950119&cv=9&fst=1711630800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&cid=CAQSKQB7FLtqwzXszmaXi0QUEjOcY3Wmdb1eUOmwgNG_8BJ2ZvlgCks6MA78&random=1285347098&resp=GooglemKTybQhCsO	false		high
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=2c4120a6-8cbe-4983-b2ed-45670688b5d0&sn=3&cfg=fc5c7ded&pv=2&aid=	false		high
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PYY/adrum	false	Avira URL Cloud: safe	unknown
https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmiqfOFl4UDFXYQdgYdkywNxA;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F?	false		high
https://gbxreport-prod.wf.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=403a3102-6806-4b08-ba29-c8d2c2b3d153&sn=4&cfg=201c2b80&pv=2&aid=	false		high
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS	false		high
https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=33955380241426191774167127150413392378&gdpr=0&gdpr_consent=	false		high
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1711632000084&cv=9&fst=1711632000084&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fchecking%2F&ref=null&tiba=Cuentas%20de%20cheques%3A%20abra%20una%20cuenta%20por%20Internet%20hoy%20mismo%20%7C%20Wells%20Fargo&hn=www.google.com&async=1	false		high
https://www.wellsfargo.com/es/	false		high
https://wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1711631938588	false		high
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1711631963095&cv=9&fst=1711631963095&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F&ref=null&tiba=ATM%20and%20Bank%20Locations%20-%20Find%20Wells%20Fargo%20Bank%20and%20ATM%20Locations&hn=www.google.com&async=1	false		high
https://adservice.google.com/ddm/fls/z/dc_pre=CK6Ts_mFl4UDFREVdgYd2PIHKw;src=2549153;type=allv40;cat=all_a0;ord=6132377373158;gtm=2od8g0;auiddc=*;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u19=GA1.2.1511061535.1711631950;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2Flocator%2F	false		high
https://cdn.schemaapp.com/javascript/highlight.js	false		high
https://edge.adobedc.net/ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=8acba3f7-0ecc-4bd9-9f1e-c9ed2fbea068	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://wellsoffice.ceo.wellsfargo.com/portal/signon/index.jsp;https://wellsoffice.ceo.wellsfargo.co	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://www17.wellsfargomedia.com	chromecache_312.2.dr	false		high
https://www.wellsfargo.com/Clickthrough&RequestType=Click&COID=	chromecache_722.2.dr	false		high
https://github.com/zloirock/core-js	chromecache_269.2.dr, chromecache_633.2.dr, chromecache_664.2.dr, chromecache_493.2.dr, chromecache_461.2.dr, chromecache_617.2.dr, chromecache_379.2.dr	false		high
https://static.wellsfargo.com/tracking/public-site/utag.js	chromecache_265.2.dr	false		high
https://github.com/jquery/jquery-color	chromecache_475.2.dr, chromecache_621.2.dr	false		high
https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/3456/formDataV2_171144410711	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://ubt-lb.digital-cloud-prem.medallia.com	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://wellsfargo.digital.nuance.com	chromecache_459.2.dr	false		high
https://icomplete.wellsfargo.com/oas/status/appl/pages/payroll-documentation	chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	false		high
https://github.com/zloirock/core-js/blob/v3.21.1/LICENSE	chromecache_269.2.dr, chromecache_493.2.dr	false		high
https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/4371/formDataV2_171144411168	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://static.wellsfargo.com/tracking/gb/detector-dom.min.js	chromecache_607.2.dr, chromecache_343.2.dr, chromecache_325.2.dr, chromecache_548.2.dr	false		high
https://rtd-tm.everesttech.net/upi/?sid=	chromecache_339.2.dr	false		high
https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/2818/formDataV2_171144411168	chromecache_687.2.dr, chromecache_623.2.dr	false		high
http://www.glassboxdigital.com	chromecache_567.2.dr, chromecache_720.2.dr	false		high
https://developer.sec.wellsfargo.com/portal/myapps;https://developer.sec.wellsfargo.com/products;htt	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://apply.wellsfargo.com/banker	chromecache_298.2.dr	false		high
https://ct.pinterest.com/v3/?tid=	chromecache_334.2.dr	false		high
https://oam.wellsfargo.com/oamo/identity/enrollment	chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	false		high
https://static.wellsfargo.com/tracking/ytc/ytc.js	chromecache_718.2.dr, chromecache_451.2.dr, chromecache_325.2.dr	false		high
https://developer.wellsfargo.com/case-studies;https://developer.wellsfargo.com/all-products;https://	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://developer.wellsfargo.com/;https://developer.wellsfargo.com/login;https://developer.wellsfarg	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://www17.wellsfargomedia.com/assets/images/locator/messaging-icon-informational-24x24.svg	chromecache_693.2.dr	false		high
https://static.wellsfargo.com/tracking/hp/utag.js	chromecache_325.2.dr	false		high
https://feedback.digital-cloud-prem.medallia.com/	chromecache_687.2.dr, chromecache_623.2.dr	false		high
https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/forms/4374/formDataV2_171144411293	chromecache_687.2.dr, chromecache_623.2.dr	false		high
http://code.google.com/p/episodes/	chromecache_436.2.dr, chromecache_480.2.dr	false		high
https://connect.secure.wellsfargo.com/accounts/start	chromecache_534.2.dr, chromecache_358.2.dr, chromecache_721.2.dr, chromecache_677.2.dr, chromecache_600.2.dr, chromecache_665.2.dr, chromecache_352.2.dr, chromecache_575.2.dr, chromecache_637.2.dr, chromecache_347.2.dr, chromecache_592.2.dr, chromecache_264.2.dr, chromecache_561.2.dr, chromecache_362.2.dr, chromecache_660.2.dr, chromecache_443.2.dr, chromecache_634.2.dr, chromecache_416.2.dr, chromecache_464.2.dr, chromecache_435.2.dr, chromecache_349.2.dr	false		high
https://www17.wellsfargomedia.com/assets/images/locator/messaging-icon-alert-24x24.svg	chromecache_693.2.dr	false		high
https://featuredemos.wf.com	chromecache_311.2.dr	false		high
https://cobrowse-wellsfargo.digital.nuance.com	chromecache_699.2.dr, chromecache_524.2.dr	false		high
https://)(www.)?(onlinemyaccounts.com	chromecache_524.2.dr	false	Avira URL Cloud: safe	low
https://pdx-col.eum-appdynamics.com	chromecache_569.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://col.eum-appdynamics.com	chromecache_326.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.253.62.154	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
52.45.39.174	dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
35.244.154.8	idsync.rlcdn.com	United States	15169	GOOGLEUS	false
34.211.102.35	unknown	United States	16509	AMAZON-02US	false
142.251.111.148	unknown	United States	15169	GOOGLEUS	false
172.253.115.104	unknown	United States	15169	GOOGLEUS	false
34.107.165.188	api.rlcdn.com	United States	15169	GOOGLEUS	false
172.253.62.105	unknown	United States	15169	GOOGLEUS	false
44.219.57.96	unknown	United States	14618	AMAZON-AESUS	false
52.46.155.104	s.amazon-adsystem.com	United States	16509	AMAZON-02US	false
142.251.16.147	www.google.com	United States	15169	GOOGLEUS	false
172.253.63.149	dart.l.doubleclick.net	United States	15169	GOOGLEUS	false
142.251.16.148	unknown	United States	15169	GOOGLEUS	false
157.240.229.35	unknown	United States	32934	FACEBOOKUS	false
63.140.38.91	unknown	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
142.251.163.155	adservice.google.com	United States	15169	GOOGLEUS	false
69.147.92.12	unknown	United States	14777	INKTOMI-LAWSONUS	false
69.147.92.11	edge.gycpi.b.yahoodns.net	United States	14777	INKTOMI-LAWSONUS	false
151.101.1.44	unknown	United States	54113	FASTLYUS	false
63.140.39.65	adobedc.net.ssl.sc.omtrdc.net	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
13.32.208.16	unknown	United States	16509	AMAZON-02US	false
172.253.63.154	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
151.101.65.44	dualstack.tls13.taboola.map.fastly.net	United States	54113	FASTLYUS	false
18.235.137.175	unknown	United States	14618	AMAZON-AESUS	false
142.250.31.148	ad.doubleclick.net	United States	15169	GOOGLEUS	false
44.195.11.1	unknown	United States	14618	AMAZON-AESUS	false
18.160.18.39	d3nidttaq34fka.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
172.253.63.139	fcmatch.youtube.com	United States	15169	GOOGLEUS	false
52.206.37.105	unknown	United States	14618	AMAZON-AESUS	false
142.251.16.157	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
172.253.122.113	fcmatch.google.com	United States	15169	GOOGLEUS	false
44.213.253.195	unknown	United States	14618	AMAZON-AESUS	false
63.140.39.130	demdex.net.ssl.sc.omtrdc.net	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
34.206.4.244	unknown	United States	14618	AMAZON-AESUS	false
18.165.98.81	d20qwf0wrdtevy.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
34.200.65.202	ats-eks.us-east-1.dcs-online-targeting-prd.aws.oath.cloud	United States	14618	AMAZON-AESUS	false
44.213.50.195	wf-prod-reports-961680909.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
3.221.137.72	unknown	United States	14618	AMAZON-AESUS	false
63.140.38.132	unknown	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
23.23.167.174	unknown	United States	14618	AMAZON-AESUS	false
31.13.66.35	star-mini.c10r.facebook.com	Ireland	32934	FACEBOOKUS	false
142.250.31.156	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
3.208.238.164	unknown	United States	14618	AMAZON-AESUS	false
146.75.29.230	medallia2.map.fastly.net	Sweden	30051	SCCGOVUS	false
142.251.167.157	unknown	United States	15169	GOOGLEUS	false
35.163.101.91	col.eum-appdynamics.com	United States	16509	AMAZON-02US	false
35.241.45.82	cooladata.kampyle.com	United States	15169	GOOGLEUS	false
13.32.208.32	d2unjxrejkh6j9.cloudfront.net	United States	16509	AMAZON-02US	false
34.194.24.182	unknown	United States	14618	AMAZON-AESUS	false
18.160.18.115	unknown	United States	3	MIT-GATEWAYSUS	false
209.54.182.161	unknown	United States	21719	CHLUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1417022
Start date and time:	2024-03-28 14:18:01 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.wellsfargo.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	SUS
Classification:	sus22.phis.win@26/741@180/53
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://www.wellsfargo.com/#skip Browse: https://www.wellsfargo.com/locator/ Browse: https://www.wellsfargo.com/about/ Browse: https://www.wellsfargo.com/es/ Browse: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS Browse: https://www.wellsfargo.com/checking/

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.251.16.94, 142.251.16.113, 142.251.16.139, 142.251.16.100, 142.251.16.138, 142.251.16.102, 142.251.16.101, 142.250.31.84, 34.104.35.123, 23.53.35.115, 23.53.35.114, 23.53.35.109, 23.53.35.104, 23.53.35.107, 23.50.66.142, 23.53.35.101, 23.53.35.103, 142.251.163.95, 172.253.62.95, 142.250.31.95, 142.251.167.95, 172.253.115.95, 172.253.122.95, 172.253.63.95, 142.251.16.95, 23.53.35.106, 23.53.35.105, 13.85.23.86, 72.21.81.240, 192.229.211.108, 23.53.35.113, 23.53.35.110, 20.166.126.56, 172.253.62.113, 172.253.62.139, 172.253.62.102, 172.253.62.100, 172.253.62.138, 172.253.62.101, 216.239.34.178, 216.239.32.178, 216.239.36.178, 216.239.38.178, 20.10.112.134, 151.101.66.49, 151.101.130.49, 151.101.194.49, 151.101.2.49, 20.3.187.198, 142.251.111.154, 142.251.111.155, 23.62.126.245, 23.209.55.118, 23.50.76.17, 172.253.62.94, 23.205.29.78, 23.12.147.23, 3.224.6.232, 44.205.232.210, 3.229.8.230, 52.22.219.31, 54.164.212.136, 34.200.140.230, 204.79.197.200, 13.107.21.200, 2
Excluded domains from analysis (whitelisted): e114945.b.akamaiedge.net, slscr.update.microsoft.com, e8463.a.akamaiedge.net, clientservices.googleapis.com, www15.wellsfargomedia.com.edgekey.net, e114055.b.akamaiedge.net, clients2.google.com, connect.secure.wellsfargo.com.edgekey.net, ocsp.digicert.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, www.google-analytics.com, e105383.b.akamaiedge.net, c1.wfinterface.com.edgekey.net, fs.microsoft.com, content-autofill.googleapis.com, dual-a-0001.a-msedge.net, cm.everesttech.net.akadns.net, ts-dnc-wf1.trafficmanager.net, www-alv.google-analytics.com, ts-dnc-wf1.eastus2.cloudapp.azure.com, edgedl.me.gvt1.com, c.bing.com, clients.l.google.com, www17.wellsfargomedia.com.edgekey.net, h2.shared.global.fastly.net, www.googleadservices.com, rubicon.wellsfargo.com.edgekey.net, www10.wellsfargomedia.com.edgekey.net, c-bing-com.a-0001.a-msedge.net, wu.azureedge.net, service.maxymiser.net.edgekey.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:	3:H:H
MD5:	99914B932BD37A50B983C5E7C90AE93B
SHA1:	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
SHA-256:	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
SHA-512:	27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
Malicious:	false
Reputation:	low
URL:	https://s.yimg.com/wi/config/.json
Preview:	{}

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Mar 28, 2024 14:18:48.488719940 CET	53	63716	1.1.1.1	192.168.2.4
Mar 28, 2024 14:18:48.497836113 CET	53	55020	1.1.1.1	192.168.2.4
Mar 28, 2024 14:18:49.102375984 CET	53	63972	1.1.1.1	192.168.2.4
Mar 28, 2024 14:18:50.310512066 CET	56790	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:50.310720921 CET	64194	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.832652092 CET	55836	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.833086967 CET	50257	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.835129023 CET	56739	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.835752010 CET	55105	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.836556911 CET	61801	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.837239981 CET	65296	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.934710026 CET	55169	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:51.935259104 CET	50657	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:52.748356104 CET	55999	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:52.749150038 CET	58279	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:52.767160892 CET	58527	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:52.767554045 CET	58051	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:52.843441963 CET	53	55999	1.1.1.1	192.168.2.4
Mar 28, 2024 14:18:52.843645096 CET	53	58279	1.1.1.1	192.168.2.4
Mar 28, 2024 14:18:53.893559933 CET	65532	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:53.893748999 CET	50006	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:56.261307001 CET	53	63201	1.1.1.1	192.168.2.4
Mar 28, 2024 14:18:57.453438997 CET	59192	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:18:57.453775883 CET	62280	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:00.465833902 CET	64355	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:00.465984106 CET	58068	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:00.466991901 CET	59860	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:00.467135906 CET	59419	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:00.561022043 CET	53	58068	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:00.561595917 CET	53	59419	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:00.561645985 CET	53	59860	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:00.561722994 CET	53	64355	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:01.309411049 CET	59512	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:01.309716940 CET	64816	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:01.407270908 CET	53	59512	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:01.429958105 CET	53	64816	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:01.714818954 CET	59517	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:01.715095997 CET	56275	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:01.813636065 CET	53	56275	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:01.813738108 CET	53	59517	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:02.394582033 CET	55757	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:02.395226955 CET	64242	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:02.490734100 CET	53	55757	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:02.492028952 CET	53	64242	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:02.605988026 CET	49360	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:02.606147051 CET	57221	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:02.701006889 CET	53	57221	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:02.701256990 CET	53	49360	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:03.460186958 CET	58095	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:03.460649967 CET	65500	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:03.555094957 CET	53	58095	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:03.555210114 CET	53	65500	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:05.750291109 CET	61779	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:05.750547886 CET	51948	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:05.846426010 CET	53	51948	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:05.846607924 CET	53	61779	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:05.928849936 CET	54389	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:05.928996086 CET	59322	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:05.929482937 CET	57776	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:05.929626942 CET	53511	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:05.929995060 CET	50978	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:05.930136919 CET	54950	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:06.025139093 CET	53	54389	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:06.026402950 CET	53	59322	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:06.527699947 CET	53	64890	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:08.821604013 CET	58620	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.821738005 CET	59285	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.836766005 CET	65425	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.837075949 CET	64970	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.856117010 CET	59022	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.856368065 CET	54430	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.885706902 CET	50380	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.886131048 CET	53629	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:08.916758060 CET	53	59285	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:08.917423964 CET	53	58620	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:08.932514906 CET	53	64970	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:08.932863951 CET	53	65425	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:08.952259064 CET	53	59022	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:08.952550888 CET	53	54430	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:09.091502905 CET	61135	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:09.091638088 CET	62083	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:09.131031990 CET	59752	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:09.131172895 CET	65120	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:09.187840939 CET	53	61135	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:09.196177959 CET	53	62083	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:09.226414919 CET	53	59752	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:09.226454973 CET	53	65120	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:09.758220911 CET	65519	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:09.758543015 CET	52507	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:09.858875990 CET	53	52507	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:09.859014034 CET	53	65519	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.413367987 CET	54020	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.413628101 CET	63631	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.448698997 CET	50202	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.448849916 CET	62969	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.508627892 CET	53	54020	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.508857012 CET	53	63631	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.544315100 CET	53	62969	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.545381069 CET	53	50202	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.613459110 CET	53	61660	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.792860031 CET	59976	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.793046951 CET	53446	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.829590082 CET	56170	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.829725027 CET	62770	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:10.887691021 CET	53	59976	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.888106108 CET	53	53446	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.924906015 CET	53	56170	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:10.925198078 CET	53	62770	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.186832905 CET	59859	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.186971903 CET	55241	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.213373899 CET	51830	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.213581085 CET	51588	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.217725992 CET	62377	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.217967033 CET	55413	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.281488895 CET	53	59859	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.282648087 CET	53	55241	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.306211948 CET	53	52053	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.309314966 CET	53	51588	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.310250998 CET	53	51830	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.312361956 CET	53	62377	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.312500954 CET	53	55413	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.425966024 CET	55437	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.426285982 CET	54291	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.521498919 CET	53	54291	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.521981955 CET	53	55437	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.558685064 CET	50647	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.558819056 CET	65189	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.653979063 CET	53	65189	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.654319048 CET	53	50647	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.715823889 CET	61906	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.715991974 CET	59294	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:11.811113119 CET	53	61906	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:11.811611891 CET	53	59294	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:12.078671932 CET	54078	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:12.078828096 CET	55688	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:12.173361063 CET	53	55688	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:12.177028894 CET	53	54078	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:13.693670034 CET	138	138	192.168.2.4	192.168.2.255
Mar 28, 2024 14:19:15.430278063 CET	61109	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:15.430278063 CET	63949	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:15.526463985 CET	53	63949	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:15.541909933 CET	53	61109	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:15.967413902 CET	49952	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:15.968692064 CET	62473	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:16.067859888 CET	53	62473	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:16.080224037 CET	53	49952	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:17.177378893 CET	61902	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:17.178052902 CET	53864	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:17.183079958 CET	62061	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:17.183500051 CET	60288	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:17.277367115 CET	53	61902	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:17.279629946 CET	53	60288	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:17.279668093 CET	53	62061	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:17.288280010 CET	53	53864	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:19.390782118 CET	55987	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:19.391050100 CET	63900	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:20.691194057 CET	65492	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:20.691807032 CET	58965	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:20.788201094 CET	53	58965	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:21.773230076 CET	56572	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:21.775346994 CET	62168	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:21.871562004 CET	53	62168	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:22.587616920 CET	63914	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:22.588031054 CET	58452	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:22.684338093 CET	64437	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:22.684580088 CET	59445	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:22.779028893 CET	53	64437	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:22.780452013 CET	53	59445	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:23.673487902 CET	57124	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:23.673665047 CET	53618	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:23.768300056 CET	53	57124	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:23.777756929 CET	53	53618	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:24.317279100 CET	62033	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:24.317636967 CET	52231	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:24.413301945 CET	53	62033	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:24.414941072 CET	53	52231	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:24.482306957 CET	52564	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:24.482436895 CET	57157	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:24.578032017 CET	53	52564	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:24.578171968 CET	53	57157	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:24.840835094 CET	59104	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:24.841130018 CET	53493	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:24.937500000 CET	53	53493	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:24.938327074 CET	53	59104	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:24.976526976 CET	61033	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:24.976787090 CET	49210	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:25.072777033 CET	53	61033	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:25.073668957 CET	53	49210	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:25.486253977 CET	53	59446	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:25.904490948 CET	54694	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:25.904701948 CET	51918	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.104569912 CET	60661	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.104748011 CET	64463	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.112349033 CET	52236	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.112762928 CET	63971	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.212194920 CET	53	52236	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:27.214353085 CET	53	63971	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:27.715548992 CET	55318	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.715702057 CET	56194	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.719841003 CET	61337	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.719971895 CET	59524	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:27.811491966 CET	53	55318	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:27.811702013 CET	53	56194	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:27.815051079 CET	53	59524	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:27.815082073 CET	53	61337	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:28.200387955 CET	59545	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:28.200683117 CET	63688	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:28.293747902 CET	63383	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:28.293900013 CET	51579	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:28.388705969 CET	53	63383	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:28.389115095 CET	53	51579	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:35.155484915 CET	55824	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:35.156038046 CET	49216	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:35.158217907 CET	63458	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:35.158483982 CET	53844	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:42.930458069 CET	53722	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:42.930840015 CET	62892	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:43.025655985 CET	53	62892	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:43.025954008 CET	53	53722	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:43.044281006 CET	56595	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:43.044423103 CET	52712	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:46.435126066 CET	53	54163	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:48.177328110 CET	53	50510	1.1.1.1	192.168.2.4
Mar 28, 2024 14:19:50.723167896 CET	54153	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:50.723169088 CET	55286	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.420942068 CET	52121	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.421780109 CET	61435	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.423090935 CET	57574	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.423826933 CET	53325	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.425549984 CET	60448	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.426168919 CET	61536	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.539690971 CET	54821	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.540165901 CET	53105	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.544964075 CET	60160	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:53.545593023 CET	55838	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:54.015985012 CET	52948	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:54.016396999 CET	64809	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:54.340805054 CET	64779	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:54.341175079 CET	61099	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:59.574925900 CET	62367	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:19:59.575193882 CET	62142	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:00.783782005 CET	59934	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:00.783782005 CET	55484	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:00.784984112 CET	59408	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:00.786042929 CET	54222	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:00.879451036 CET	53	59934	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:00.880199909 CET	53	55484	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:00.881449938 CET	53	54222	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.296082973 CET	49684	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.296297073 CET	61144	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.391868114 CET	53	49684	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.392452002 CET	53	61144	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.433948994 CET	64256	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.434149027 CET	59265	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.529934883 CET	53	64256	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.530154943 CET	53	59265	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.540128946 CET	56488	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.540265083 CET	63414	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.635818958 CET	53	56488	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.636010885 CET	53	63414	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.777527094 CET	56957	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.777693033 CET	61453	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.872513056 CET	53	56957	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.872792959 CET	53	61453	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:01.928755999 CET	50984	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:01.929213047 CET	55294	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.023583889 CET	53	50984	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.024971962 CET	53	55294	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.056236982 CET	62109	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.056452036 CET	53459	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.151454926 CET	53	62109	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.152566910 CET	53	53459	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.437825918 CET	64113	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.437974930 CET	50623	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.451050997 CET	61718	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.451216936 CET	56836	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.533821106 CET	53	50623	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.534224987 CET	53	64113	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.540190935 CET	49852	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.540381908 CET	57529	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.546053886 CET	53	61718	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.549525976 CET	53	56836	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.635678053 CET	53	49852	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.638607025 CET	53	57529	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:02.935725927 CET	50031	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:02.935935974 CET	62000	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:03.032263041 CET	53	50031	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:03.037921906 CET	53	62000	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:03.054267883 CET	53697	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:03.054419994 CET	49966	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:03.149827957 CET	53	53697	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:03.149977922 CET	53	49966	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:03.554758072 CET	56236	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:03.555133104 CET	57308	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:03.650752068 CET	53	56236	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:03.651043892 CET	53	57308	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:04.056037903 CET	59524	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:04.056313992 CET	59878	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:04.151226044 CET	53	59524	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:04.151504040 CET	53	59878	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:05.919030905 CET	55936	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:05.919162035 CET	60282	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:06.014173031 CET	53	60282	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:06.015367031 CET	53	55936	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:08.063128948 CET	60753	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:08.063128948 CET	56404	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:08.065196991 CET	54638	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:08.065196991 CET	57840	53	192.168.2.4	1.1.1.1
Mar 28, 2024 14:20:08.161035061 CET	53	54638	1.1.1.1	192.168.2.4
Mar 28, 2024 14:20:08.163794041 CET	53	57840	1.1.1.1	192.168.2.4

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:18:54 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-03-28 13:18:54 UTC	468	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/073D) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus2-z1 Cache-Control: public, max-age=236675 Date: Thu, 28 Mar 2024 13:18:54 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:18:55 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-03-28 13:18:56 UTC	774	IN	HTTP/1.1 200 OK Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-CID: 7 X-CCC: US X-Azure-Ref-OriginShield: Ref A: 8BFC17DD061B46CAAD2B2AEB7B19C3D8 Ref B: CH1AA2040901011 Ref C: 2023-07-21T06:04:00Z X-MSEdge-Ref: Ref A: 1421F39FA7224BE199CC2F2C3DD24574 Ref B: CHI30EDGE0415 Ref C: 2023-07-21T06:04:00Z Content-Type: application/octet-stream X-Azure-Ref: 0DMGnYgAAAACXaXykPZuVRq4aV6pCkeO8U0pDRURHRTAzMTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm Cache-Control: public, max-age=236653 Date: Thu, 28 Mar 2024 13:18:56 GMT Content-Length: 55 Connection: close X-CID: 2
2024-03-28 13:18:56 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:00 UTC	739	OUT	GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1711631938573 HTTP/1.1 Host: dpm.demdex.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:00 UTC	821	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:00 GMT Content-Type: application/json;charset=utf-8 Content-Length: 960 Connection: close X-TID: Bq7ejloVTKg= Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin: https://www.wellsfargo.com Vary: Origin Access-Control-Allow-Credentials: true DCS: dcs-prod-va6-1-v057-00c8a6470.edge-va6.demdex.com 2 ms set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:00 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
2024-03-28 13:19:00 UTC	960	IN	Data Raw: 7b 22 64 5f 6d 69 64 22 3a 22 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 22 2c 22 69 64 5f 73 79 6e 63 5f 74 74 6c 22 3a 36 30 34 38 30 30 2c 22 64 5f 62 6c 6f 62 22 3a 22 36 47 31 79 6e 59 63 4c 50 75 69 51 78 59 5a 72 73 7a 5f 70 6b 71 66 4c 47 39 79 4d 58 42 70 62 32 7a 58 35 64 76 4a 64 59 51 4a 7a 50 58 49 6d 64 6a 30 79 22 2c 22 64 63 73 5f 72 65 67 69 6f 6e 22 3a 37 2c 22 64 5f 6f 74 74 6c 22 3a 37 32 30 30 2c 22 69 62 73 22 3a 5b 7b 22 69 64 22 3a 22 32 31 22 2c 22 74 74 6c 22 3a 31 34 34 30 30 2c 22 74 61 67 22 3a 22 69 6d 67 22 2c 22 66 69 72 65 55 52 4c 53 79 6e 63 22 3a 30 2c 22 73 79 6e 63 4f 6e 50 61 67 65 22 3a 30 2c 22 75 72 6c 22 3a 5b 22 2f 2f 61 61 2e 61 67 6b 6e 2e Data Ascii: {"d_mid":"33918683021254472264168527825999287273","id_sync_ttl":604800,"d_blob":"6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y","dcs_region":7,"d_ottl":7200,"ibs":[{"id":"21","ttl":14400,"tag":"img","fireURLSync":0,"syncOnPage":0,"url":["//aa.agkn.

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:01 UTC	957	OUT	GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=33918683021254472264168527825999287273&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120240328061851126288949%011&ts=1711631940641 HTTP/1.1 Host: dpm.demdex.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378
2024-03-28 13:19:01 UTC	821	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:01 GMT Content-Type: application/json;charset=utf-8 Content-Length: 960 Connection: close X-TID: K7vnyXDwTi0= Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin: https://www.wellsfargo.com Vary: Origin Access-Control-Allow-Credentials: true DCS: dcs-prod-va6-1-v057-0419d5867.edge-va6.demdex.com 2 ms set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:01 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
2024-03-28 13:19:01 UTC	960	IN	Data Raw: 7b 22 64 5f 6d 69 64 22 3a 22 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 22 2c 22 69 64 5f 73 79 6e 63 5f 74 74 6c 22 3a 36 30 34 38 30 30 2c 22 64 5f 62 6c 6f 62 22 3a 22 36 47 31 79 6e 59 63 4c 50 75 69 51 78 59 5a 72 73 7a 5f 70 6b 71 66 4c 47 39 79 4d 58 42 70 62 32 7a 58 35 64 76 4a 64 59 51 4a 7a 50 58 49 6d 64 6a 30 79 22 2c 22 64 63 73 5f 72 65 67 69 6f 6e 22 3a 37 2c 22 64 5f 6f 74 74 6c 22 3a 37 32 30 30 2c 22 69 62 73 22 3a 5b 7b 22 69 64 22 3a 22 32 31 22 2c 22 74 74 6c 22 3a 31 34 34 30 30 2c 22 74 61 67 22 3a 22 69 6d 67 22 2c 22 66 69 72 65 55 52 4c 53 79 6e 63 22 3a 30 2c 22 73 79 6e 63 4f 6e 50 61 67 65 22 3a 30 2c 22 75 72 6c 22 3a 5b 22 2f 2f 61 61 2e 61 67 6b 6e 2e Data Ascii: {"d_mid":"33918683021254472264168527825999287273","id_sync_ttl":604800,"d_blob":"6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y","dcs_region":7,"d_ottl":7200,"ibs":[{"id":"21","ttl":14400,"tag":"img","fireURLSync":0,"syncOnPage":0,"url":["//aa.agkn.

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:01 UTC	724	OUT	POST /event?d_dil_ver=9.5&_ts=1711631938588 HTTP/1.1 Host: wellsfargobankna.demdex.net Connection: keep-alive Content-Length: 429 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378
2024-03-28 13:19:01 UTC	429	OUT	Data Raw: 64 5f 6d 69 64 3d 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 26 64 5f 6e 73 69 64 3d 31 26 64 5f 63 6f 6f 70 5f 75 6e 73 61 66 65 3d 31 26 64 5f 63 69 64 5f 69 63 3d 77 66 61 63 6f 6f 6b 69 65 69 64 73 79 6e 63 25 30 31 31 31 32 30 32 34 30 33 32 38 30 36 31 38 35 31 31 32 36 32 38 38 39 34 39 25 30 31 31 26 64 5f 6c 64 3d 5f 74 73 25 33 44 31 37 31 31 36 33 31 39 33 38 35 38 38 26 64 5f 72 74 62 64 3d 6a 73 6f 6e 26 64 5f 6a 73 6f 6e 76 3d 31 26 64 5f 64 73 74 3d 31 26 63 5f 61 70 70 5f 69 64 3d 57 57 57 26 63 5f 77 66 61 63 6f 6f 6b 69 65 3d 31 31 32 30 32 34 30 33 32 38 30 36 31 38 35 31 31 32 36 32 38 38 39 34 39 26 63 5f 70 61 67 65 5f 74 79 70 65 3d 42 52 4f 57 53 45 52 26 63 5f Data Ascii: d_mid=33918683021254472264168527825999287273&d_nsid=1&d_coop_unsafe=1&d_cid_ic=wfacookieidsync%011120240328061851126288949%011&d_ld=_ts%3D1711631938588&d_rtbd=json&d_jsonv=1&d_dst=1&c_app_id=WWW&c_wfacookie=1120240328061851126288949&c_page_type=BROWSER&c_
2024-03-28 13:19:01 UTC	822	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:01 GMT Content-Type: application/json;charset=utf-8 Content-Length: 1165 Connection: close X-TID: sAr8vEo4QPw= Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin: https://www.wellsfargo.com Vary: Origin Access-Control-Allow-Credentials: true DCS: dcs-prod-va6-1-v057-039993f65.edge-va6.demdex.com 8 ms set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:01 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
2024-03-28 13:19:01 UTC	1165	IN	Data Raw: 7b 22 73 74 75 66 66 22 3a 5b 7b 22 63 6e 22 3a 22 69 61 2d 70 72 6f 64 22 2c 22 63 76 22 3a 22 69 64 3d 31 33 35 35 37 38 31 38 2c 32 32 30 33 33 39 30 32 2c 32 32 32 38 32 38 31 38 2c 32 33 38 36 33 33 32 33 2c 32 34 34 39 34 33 37 36 2c 32 34 35 34 34 32 30 30 22 2c 22 74 74 6c 22 3a 33 30 2c 22 64 6d 6e 22 3a 22 2e 6e 6f 64 6f 6d 61 69 6e 2e 63 6f 6d 22 7d 2c 7b 22 63 6e 22 3a 22 69 61 2d 70 72 65 70 72 6f 64 22 2c 22 63 76 22 3a 22 69 64 3d 39 32 35 35 30 37 37 22 2c 22 74 74 6c 22 3a 33 30 2c 22 64 6d 6e 22 3a 22 2e 6e 6f 64 6f 6d 61 69 6e 2e 63 6f 6d 22 7d 2c 7b 22 63 6e 22 3a 22 74 6e 6c 2d 70 72 6f 64 22 2c 22 63 76 22 3a 22 69 64 3d 39 32 35 35 30 37 37 22 2c 22 74 74 6c 22 3a 33 30 2c 22 64 6d 6e 22 3a 22 2e 6e 6f 64 6f 6d 61 69 6e 2e 63 6f 6d Data Ascii: {"stuff":[{"cn":"ia-prod","cv":"id=13557818,22033902,22282818,23863323,24494376,24544200","ttl":30,"dmn":".nodomain.com"},{"cn":"ia-preprod","cv":"id=9255077","ttl":30,"dmn":".nodomain.com"},{"cn":"tnl-prod","cv":"id=9255077","ttl":30,"dmn":".nodomain.com

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:02 UTC	535	OUT	GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1711631938573 HTTP/1.1 Host: dpm.demdex.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378
2024-03-28 13:19:02 UTC	710	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:02 GMT Content-Type: application/json;charset=utf-8 Content-Length: 960 Connection: close X-TID: 7ghUjguLRyI= Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" DCS: dcs-prod-va6-1-v057-0a94deb74.edge-va6.demdex.com 2 ms set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:02 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
2024-03-28 13:19:02 UTC	960	IN	Data Raw: 7b 22 64 5f 6d 69 64 22 3a 22 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 22 2c 22 69 64 5f 73 79 6e 63 5f 74 74 6c 22 3a 36 30 34 38 30 30 2c 22 64 5f 62 6c 6f 62 22 3a 22 52 4b 68 70 52 7a 38 6b 72 67 32 74 4c 4f 36 70 67 75 58 57 70 35 6f 6c 6b 41 63 55 6e 69 51 59 50 48 61 4d 57 57 67 64 4a 33 78 7a 50 57 51 6d 64 6a 30 79 22 2c 22 64 63 73 5f 72 65 67 69 6f 6e 22 3a 37 2c 22 64 5f 6f 74 74 6c 22 3a 37 32 30 30 2c 22 69 62 73 22 3a 5b 7b 22 69 64 22 3a 22 32 31 22 2c 22 74 74 6c 22 3a 31 34 34 30 30 2c 22 74 61 67 22 3a 22 69 6d 67 22 2c 22 66 69 72 65 55 52 4c 53 79 6e 63 22 3a 30 2c 22 73 79 6e 63 4f 6e 50 61 67 65 22 3a 30 2c 22 75 72 6c 22 3a 5b 22 2f 2f 61 61 2e 61 67 6b 6e 2e Data Ascii: {"d_mid":"33918683021254472264168527825999287273","id_sync_ttl":604800,"d_blob":"RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y","dcs_region":7,"d_ottl":7200,"ibs":[{"id":"21","ttl":14400,"tag":"img","fireURLSync":0,"syncOnPage":0,"url":["//aa.agkn.

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:02 UTC	443	OUT	GET /event?d_dil_ver=9.5&_ts=1711631938588 HTTP/1.1 Host: wellsfargobankna.demdex.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378
2024-03-28 13:19:02 UTC	916	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:02 GMT Content-Type: image/gif Content-Length: 42 Connection: close X-TID: JV62RdlDRgc= Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" X-Content-Type-Options: nosniff DCS: dcs-prod-va6-1-v057-0187a13c2.edge-va6.demdex.com 13 ms set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:02 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None set-cookie: wellsfargobankna=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:02 GMT; Path=/; Domain=.wellsfargobankna.demdex.net; Secure; SameSite=None
2024-03-28 13:19:02 UTC	42	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b Data Ascii: GIF89a!,D;

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:02 UTC	765	OUT	GET /tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP/1.1 Host: www.facebook.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:03 UTC	464	IN	HTTP/1.1 200 OK Content-Type: text/plain Access-Control-Allow-Origin: Access-Control-Allow-Credentials: true Strict-Transport-Security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin Server: proxygen-bolt X-FB-Connection-Quality: GOOD; q=0.7, rtt=94, rtx=0, c=10, mss=1274, tbw=3407, tp=-1, tpl=-1, uplat=1, ullat=0 Alt-Svc: h3=":443"; ma=86400 Date: Thu, 28 Mar 2024 13:19:03 GMT Connection: close Content-Length: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:06 UTC	811	OUT	POST /ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=da61659a-abde-48a3-9419-2c57a11180c1 HTTP/1.1 Host: adobedc.demdex.net Connection: keep-alive Content-Length: 189 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain; charset=UTF-8 Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378
2024-03-28 13:19:06 UTC	189	OUT	Data Raw: 7b 22 71 75 65 72 79 22 3a 7b 22 69 64 65 6e 74 69 74 79 22 3a 7b 22 66 65 74 63 68 22 3a 5b 22 45 43 49 44 22 5d 7d 7d 2c 22 78 64 6d 22 3a 7b 22 69 64 65 6e 74 69 74 79 4d 61 70 22 3a 7b 22 45 43 49 44 22 3a 5b 7b 22 69 64 22 3a 22 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 22 7d 5d 7d 7d 2c 22 6d 65 74 61 22 3a 7b 22 73 74 61 74 65 22 3a 7b 22 64 6f 6d 61 69 6e 22 3a 22 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 22 2c 22 63 6f 6f 6b 69 65 73 45 6e 61 62 6c 65 64 22 3a 74 72 75 65 7d 7d 7d Data Ascii: {"query":{"identity":{"fetch":["ECID"]}},"xdm":{"identityMap":{"ECID":[{"id":"33918683021254472264168527825999287273"}]}},"meta":{"state":{"domain":"wellsfargo.com","cookiesEnabled":true}}}
2024-03-28 13:19:06 UTC	783	IN	HTTP/1.1 200 OK x-request-id: da61659a-abde-48a3-9419-2c57a11180c1 vary: Origin access-control-allow-origin: https://www.wellsfargo.com access-control-allow-credentials: true access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID date: Thu, 28 Mar 2024 13:19:06 GMT x-konductor: N/A x-adobe-edge: VA6;7 server: jag set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Domain=demdex.net; Path=/; Secure; SameSite=None; $x-enc=URI_ENCODING content-type: application/json;charset=utf-8 strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff connection: close transfer-encoding: chunked
2024-03-28 13:19:06 UTC	732	IN	Data Raw: 32 64 35 0d 0a 7b 22 72 65 71 75 65 73 74 49 64 22 3a 22 64 61 36 31 36 35 39 61 2d 61 62 64 65 2d 34 38 61 33 2d 39 34 31 39 2d 32 63 35 37 61 31 31 31 38 30 63 31 22 2c 22 68 61 6e 64 6c 65 22 3a 5b 7b 22 70 61 79 6c 6f 61 64 22 3a 5b 7b 22 69 64 22 3a 22 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 22 2c 22 6e 61 6d 65 73 70 61 63 65 22 3a 7b 22 63 6f 64 65 22 3a 22 45 43 49 44 22 7d 7d 5d 2c 22 74 79 70 65 22 3a 22 69 64 65 6e 74 69 74 79 3a 72 65 73 75 6c 74 22 7d 2c 7b 22 70 61 79 6c 6f 61 64 22 3a 5b 7b 22 73 63 6f 70 65 22 3a 22 54 61 72 67 65 74 22 2c 22 68 69 6e 74 22 3a 22 33 34 22 2c 22 74 74 6c 53 65 63 6f 6e 64 73 22 3a 31 38 30 30 7d 2c 7b 22 73 63 6f 70 65 22 3a 22 41 41 Data Ascii: 2d5{"requestId":"da61659a-abde-48a3-9419-2c57a11180c1","handle":[{"payload":[{"id":"33918683021254472264168527825999287273","namespace":{"code":"ECID"}}],"type":"identity:result"},{"payload":[{"scope":"Target","hint":"34","ttlSeconds":1800},{"scope":"AA
2024-03-28 13:19:06 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:06 UTC	731	OUT	GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1 Host: gbxreport-prod.wf.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:06 UTC	1035	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:06 GMT Content-Type: application/json Content-Length: 4627 Connection: close Set-Cookie: AWSALBTG=u4QNUHNh+jyNu8TIFBT3QA5Dr3exK+TQt3MHZUf1EPLBYZtSzM+L6okkoOgL/hHDws/ZLlrT5QZKM+38OhSYqglMZDWzJ5L1Pg2I5oBiVZiOinoH/bF+wVkMfzG4/pOEaTDL8Zwvvkc5kk/qs+LAKJAqXj1o2dT0XOIZli4LzDis; Expires=Thu, 04 Apr 2024 13:19:06 GMT; Path=/ Set-Cookie: AWSALBTGCORS=u4QNUHNh+jyNu8TIFBT3QA5Dr3exK+TQt3MHZUf1EPLBYZtSzM+L6okkoOgL/hHDws/ZLlrT5QZKM+38OhSYqglMZDWzJ5L1Pg2I5oBiVZiOinoH/bF+wVkMfzG4/pOEaTDL8Zwvvkc5kk/qs+LAKJAqXj1o2dT0XOIZli4LzDis; Expires=Thu, 04 Apr 2024 13:19:06 GMT; Path=/; SameSite=None; Secure Server: Glassbox Cligate access-control-allow-origin: https://www.wellsfargo.com vary: origin access-control-allow-credentials: true set-cookie: _cls_cfgver=fc5c7ded; Secure; SameSite=None set-cookie: _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; Secure; SameSite=None set-cookie: _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; Secure; SameSite=None Set-Cookie: ROUTEID=.cligate1; path=/
2024-03-28 13:19:06 UTC	4627	IN	Data Raw: 7b 22 70 76 22 3a 32 2c 22 63 6c 73 73 22 3a 22 32 34 36 32 61 61 61 66 2d 39 35 38 66 2d 34 63 62 36 2d 61 33 63 62 2d 65 63 66 39 66 36 61 31 30 61 30 64 3a 30 22 2c 22 63 6c 73 76 22 3a 22 31 62 31 66 37 65 31 66 2d 37 62 65 64 2d 34 62 61 32 2d 62 35 65 65 2d 39 62 65 36 33 63 39 65 35 37 35 64 22 2c 22 63 6c 73 65 22 3a 6e 75 6c 6c 2c 22 63 6f 6e 66 22 3a 7b 22 61 70 70 49 64 22 3a 31 2c 22 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 22 3a 7b 22 61 74 74 72 69 62 75 74 65 52 75 6c 65 73 22 3a 5b 7b 22 6e 61 6d 65 22 3a 22 43 41 5f 57 61 6c 6c 65 74 4d 65 73 73 61 67 65 22 2c 22 70 61 67 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 6e 6e 65 63 74 2e 73 65 63 75 72 65 2e 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 61 6c Data Ascii: {"pv":2,"clss":"2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0","clsv":"1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d","clse":null,"conf":{"appId":1,"configuration":{"attributeRules":[{"name":"CA_WalletMessage","pageUrl":"https://connect.secure.wellsfargo.com/services/wal

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:07 UTC	572	OUT	GET /api/identity/idl?pid=1317 HTTP/1.1 Host: api.rlcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:07 UTC	517	IN	HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Origin: https://www.wellsfargo.com Cache-Control: no-cache, no-store Timing-Allow-Origin: * Date: Thu, 28 Mar 2024 13:19:07 GMT Content-Length: 10 Content-Type: text/plain; charset=utf-8 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-03-28 13:19:07 UTC	10	IN	Data Raw: 7b 22 69 64 6c 22 3a 22 22 7d Data Ascii: {"idl":""}

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:07 UTC	781	OUT	POST /event?d_dil_ver=9.5&_ts=1711631946944 HTTP/1.1 Host: wellsfargobankna.demdex.net Connection: keep-alive Content-Length: 426 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
2024-03-28 13:19:07 UTC	426	OUT	Data Raw: 64 5f 6d 69 64 3d 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 26 64 5f 6e 73 69 64 3d 31 26 64 5f 63 6f 6f 70 5f 75 6e 73 61 66 65 3d 31 26 64 5f 63 69 64 5f 69 63 3d 77 66 61 63 6f 6f 6b 69 65 69 64 73 79 6e 63 25 30 31 31 31 32 30 32 34 30 33 32 38 30 36 31 38 35 31 31 32 36 32 38 38 39 34 39 25 30 31 31 26 64 5f 6c 64 3d 5f 74 73 25 33 44 31 37 31 31 36 33 31 39 34 36 39 34 34 26 64 5f 72 74 62 64 3d 6a 73 6f 6e 26 64 5f 6a 73 6f 6e 76 3d 31 26 64 5f 64 73 74 3d 31 26 63 5f 61 70 70 5f 69 64 3d 57 57 57 26 63 5f 77 66 61 63 6f 6f 6b 69 65 3d 31 31 32 30 32 34 30 33 32 38 30 36 31 38 35 31 31 32 36 32 38 38 39 34 39 26 63 5f 70 61 67 65 5f 74 79 70 65 3d 42 52 4f 57 53 45 52 26 63 5f Data Ascii: d_mid=33918683021254472264168527825999287273&d_nsid=1&d_coop_unsafe=1&d_cid_ic=wfacookieidsync%011120240328061851126288949%011&d_ld=_ts%3D1711631946944&d_rtbd=json&d_jsonv=1&d_dst=1&c_app_id=WWW&c_wfacookie=1120240328061851126288949&c_page_type=BROWSER&c_
2024-03-28 13:19:08 UTC	1016	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:07 GMT Content-Type: application/json;charset=utf-8 Content-Length: 1174 Connection: close X-TID: ZQ6/ho7ASOk= Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin: https://www.wellsfargo.com Vary: Origin Access-Control-Allow-Credentials: true DCS: dcs-prod-va6-1-v057-0c3aeed41.edge-va6.demdex.com 8 ms set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:07 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None set-cookie: wellsfargobankna=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:07 GMT; Path=/; Domain=.wellsfargobankna.demdex.net; Secure; SameSite=None
2024-03-28 13:19:08 UTC	1174	IN	Data Raw: 7b 22 73 74 75 66 66 22 3a 5b 7b 22 63 6e 22 3a 22 69 61 2d 70 72 6f 64 22 2c 22 63 76 22 3a 22 69 64 3d 31 33 35 35 37 38 31 38 2c 32 32 30 33 33 39 30 32 2c 32 32 32 38 32 38 31 38 2c 32 33 35 30 38 31 38 32 2c 32 33 38 36 33 33 32 33 2c 32 34 34 39 34 33 37 36 2c 32 34 35 34 34 32 30 30 22 2c 22 74 74 6c 22 3a 33 30 2c 22 64 6d 6e 22 3a 22 2e 6e 6f 64 6f 6d 61 69 6e 2e 63 6f 6d 22 7d 2c 7b 22 63 6e 22 3a 22 69 61 2d 70 72 65 70 72 6f 64 22 2c 22 63 76 22 3a 22 69 64 3d 39 32 35 35 30 37 37 22 2c 22 74 74 6c 22 3a 33 30 2c 22 64 6d 6e 22 3a 22 2e 6e 6f 64 6f 6d 61 69 6e 2e 63 6f 6d 22 7d 2c 7b 22 63 6e 22 3a 22 74 6e 6c 2d 70 72 6f 64 22 2c 22 63 76 22 3a 22 69 64 3d 39 32 35 35 30 37 37 22 2c 22 74 74 6c 22 3a 33 30 2c 22 64 6d 6e 22 3a 22 2e 6e 6f 64 Data Ascii: {"stuff":[{"cn":"ia-prod","cv":"id=13557818,22033902,22282818,23508182,23863323,24494376,24544200","ttl":30,"dmn":".nodomain.com"},{"cn":"ia-preprod","cv":"id=9255077","ttl":30,"dmn":".nodomain.com"},{"cn":"tnl-prod","cv":"id=9255077","ttl":30,"dmn":".nod

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:09 UTC	512	OUT	GET /ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=da61659a-abde-48a3-9419-2c57a11180c1 HTTP/1.1 Host: adobedc.demdex.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378
2024-03-28 13:19:09 UTC	418	IN	HTTP/1.1 404 Not Found x-request-id: da61659a-abde-48a3-9419-2c57a11180c1 vary: Origin date: Thu, 28 Mar 2024 13:19:08 GMT x-konductor: N/A x-adobe-edge: VA6;7 server: jag content-length: 0 strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff connection: close

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:09 UTC	758	OUT	POST /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=5afea92c-2d16-47bb-bad5-3f8c2691ab16 HTTP/1.1 Host: edge.adobedc.net Connection: keep-alive Content-Length: 352 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain; charset=UTF-8 Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:09 UTC	352	OUT	Data Raw: 7b 22 71 75 65 72 79 22 3a 7b 22 69 64 65 6e 74 69 74 79 22 3a 7b 22 66 65 74 63 68 22 3a 5b 22 45 43 49 44 22 5d 7d 7d 2c 22 6d 65 74 61 22 3a 7b 22 73 74 61 74 65 22 3a 7b 22 64 6f 6d 61 69 6e 22 3a 22 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 22 2c 22 63 6f 6f 6b 69 65 73 45 6e 61 62 6c 65 64 22 3a 74 72 75 65 2c 22 65 6e 74 72 69 65 73 22 3a 5b 7b 22 6b 65 79 22 3a 22 6b 6e 64 63 74 72 5f 31 42 41 41 31 35 46 33 35 34 46 37 33 31 45 36 30 41 34 43 39 38 41 34 5f 41 64 6f 62 65 4f 72 67 5f 69 64 65 6e 74 69 74 79 22 2c 22 76 61 6c 75 65 22 3a 22 43 69 59 7a 4d 7a 6b 78 4f 44 59 34 4d 7a 41 79 4d 54 49 31 4e 44 51 33 4d 6a 49 32 4e 44 45 32 4f 44 55 79 4e 7a 67 79 4e 54 6b 35 4f 54 49 34 4e 7a 49 33 4d 31 49 51 43 4b 4b 6b 32 36 6e 6f 4d 52 67 42 4b 67 Data Ascii: {"query":{"identity":{"fetch":["ECID"]}},"meta":{"state":{"domain":"wellsfargo.com","cookiesEnabled":true,"entries":[{"key":"kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity","value":"CiYzMzkxODY4MzAyMTI1NDQ3MjI2NDE2ODUyNzgyNTk5OTI4NzI3M1IQCKKk26noMRgBKg
2024-03-28 13:19:09 UTC	635	IN	HTTP/1.1 200 OK x-request-id: 5afea92c-2d16-47bb-bad5-3f8c2691ab16 vary: Origin access-control-allow-origin: https://www.wellsfargo.com access-control-allow-credentials: true access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID date: Thu, 28 Mar 2024 13:19:08 GMT x-konductor: N/A x-adobe-edge: VA6;7 server: jag content-type: application/json;charset=utf-8 strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff connection: close transfer-encoding: chunked
2024-03-28 13:19:09 UTC	527	IN	Data Raw: 32 30 38 0d 0a 7b 22 72 65 71 75 65 73 74 49 64 22 3a 22 35 61 66 65 61 39 32 63 2d 32 64 31 36 2d 34 37 62 62 2d 62 61 64 35 2d 33 66 38 63 32 36 39 31 61 62 31 36 22 2c 22 68 61 6e 64 6c 65 22 3a 5b 7b 22 70 61 79 6c 6f 61 64 22 3a 5b 7b 22 69 64 22 3a 22 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 22 2c 22 6e 61 6d 65 73 70 61 63 65 22 3a 7b 22 63 6f 64 65 22 3a 22 45 43 49 44 22 7d 7d 5d 2c 22 74 79 70 65 22 3a 22 69 64 65 6e 74 69 74 79 3a 72 65 73 75 6c 74 22 7d 2c 7b 22 70 61 79 6c 6f 61 64 22 3a 5b 7b 22 73 63 6f 70 65 22 3a 22 54 61 72 67 65 74 22 2c 22 68 69 6e 74 22 3a 22 33 34 22 2c 22 74 74 6c 53 65 63 6f 6e 64 73 22 3a 31 38 30 30 7d 2c 7b 22 73 63 6f 70 65 22 3a 22 41 41 Data Ascii: 208{"requestId":"5afea92c-2d16-47bb-bad5-3f8c2691ab16","handle":[{"payload":[{"id":"33918683021254472264168527825999287273","namespace":{"code":"ECID"}}],"type":"identity:result"},{"payload":[{"scope":"Target","hint":"34","ttlSeconds":1800},{"scope":"AA
2024-03-28 13:19:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:09 UTC	751	OUT	POST /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f134fe53-5091-456a-be12-2dea853e8e15 HTTP/1.1 Host: edge.adobedc.net Connection: keep-alive Content-Length: 3432 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain; charset=UTF-8 Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:09 UTC	3432	OUT	Data Raw: 7b 22 65 76 65 6e 74 73 22 3a 5b 7b 22 71 75 65 72 79 22 3a 7b 22 70 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 22 3a 7b 22 73 63 68 65 6d 61 73 22 3a 5b 22 68 74 74 70 73 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 2f 64 65 66 61 75 6c 74 2d 63 6f 6e 74 65 6e 74 2d 69 74 65 6d 22 2c 22 68 74 74 70 73 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 2f 68 74 6d 6c 2d 63 6f 6e 74 65 6e 74 2d 69 74 65 6d 22 2c 22 68 74 74 70 73 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 2f 6a 73 6f 6e 2d 63 6f 6e 74 65 6e 74 2d 69 74 65 6d 22 2c 22 68 74 74 70 73 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c Data Ascii: {"events":[{"query":{"personalization":{"schemas":["https://ns.adobe.com/personalization/default-content-item","https://ns.adobe.com/personalization/html-content-item","https://ns.adobe.com/personalization/json-content-item","https://ns.adobe.com/personal
2024-03-28 13:19:09 UTC	635	IN	HTTP/1.1 200 OK x-request-id: f134fe53-5091-456a-be12-2dea853e8e15 vary: Origin access-control-allow-origin: https://www.wellsfargo.com access-control-allow-credentials: true access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID date: Thu, 28 Mar 2024 13:19:08 GMT x-konductor: N/A x-adobe-edge: VA6;7 server: jag content-type: application/json;charset=utf-8 strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff connection: close transfer-encoding: chunked
2024-03-28 13:19:09 UTC	527	IN	Data Raw: 32 30 38 0d 0a 7b 22 72 65 71 75 65 73 74 49 64 22 3a 22 66 31 33 34 66 65 35 33 2d 35 30 39 31 2d 34 35 36 61 2d 62 65 31 32 2d 32 64 65 61 38 35 33 65 38 65 31 35 22 2c 22 68 61 6e 64 6c 65 22 3a 5b 7b 22 70 61 79 6c 6f 61 64 22 3a 5b 7b 22 69 64 22 3a 22 33 33 39 31 38 36 38 33 30 32 31 32 35 34 34 37 32 32 36 34 31 36 38 35 32 37 38 32 35 39 39 39 32 38 37 32 37 33 22 2c 22 6e 61 6d 65 73 70 61 63 65 22 3a 7b 22 63 6f 64 65 22 3a 22 45 43 49 44 22 7d 7d 5d 2c 22 74 79 70 65 22 3a 22 69 64 65 6e 74 69 74 79 3a 72 65 73 75 6c 74 22 7d 2c 7b 22 70 61 79 6c 6f 61 64 22 3a 5b 7b 22 73 63 6f 70 65 22 3a 22 54 61 72 67 65 74 22 2c 22 68 69 6e 74 22 3a 22 33 34 22 2c 22 74 74 6c 53 65 63 6f 6e 64 73 22 3a 31 38 30 30 7d 2c 7b 22 73 63 6f 70 65 22 3a 22 41 41 Data Ascii: 208{"requestId":"f134fe53-5091-456a-be12-2dea853e8e15","handle":[{"payload":[{"id":"33918683021254472264168527825999287273","namespace":{"code":"ECID"}}],"type":"identity:result"},{"payload":[{"scope":"Target","hint":"34","ttlSeconds":1800},{"scope":"AA
2024-03-28 13:19:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:09 UTC	500	OUT	GET /event?d_dil_ver=9.5&_ts=1711631946944 HTTP/1.1 Host: wellsfargobankna.demdex.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: demdex=33955380241426191774167127150413392378; wellsfargobankna=33955380241426191774167127150413392378
2024-03-28 13:19:09 UTC	915	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:09 GMT Content-Type: image/gif Content-Length: 42 Connection: close X-TID: +JZhVcDVQ5w= Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" X-Content-Type-Options: nosniff DCS: dcs-prod-va6-2-v057-006db7a3b.edge-va6.demdex.com 9 ms set-cookie: demdex=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:09 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None set-cookie: wellsfargobankna=33955380241426191774167127150413392378; Max-Age=15552000; Expires=Tue, 24 Sep 2024 13:19:09 GMT; Path=/; Domain=.wellsfargobankna.demdex.net; Secure; SameSite=None
2024-03-28 13:19:09 UTC	42	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b Data Ascii: GIF89a!,D;

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:09 UTC	1171	OUT	POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=2c4120a6-8cbe-4983-b2ed-45670688b5d0&sn=1&cfg&pv=2&aid= HTTP/1.1 Host: gbxreport-prod.wf.com Connection: keep-alive Content-Length: 3178 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTGCORS=u4QNUHNh+jyNu8TIFBT3QA5Dr3exK+TQt3MHZUf1EPLBYZtSzM+L6okkoOgL/hHDws/ZLlrT5QZKM+38OhSYqglMZDWzJ5L1Pg2I5oBiVZiOinoH/bF+wVkMfzG4/pOEaTDL8Zwvvkc5kk/qs+LAKJAqXj1o2dT0XOIZli4LzDis
2024-03-28 13:19:09 UTC	3178	OUT	Data Raw: 76 3d 32 26 72 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 77 77 77 2e 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 25 32 46 26 73 6e 3d 31 26 70 3d 32 63 34 31 32 30 61 36 2d 38 63 62 65 2d 34 39 38 33 2d 62 32 65 64 2d 34 35 36 37 30 36 38 38 62 35 64 30 26 73 65 67 3d 25 32 46 26 73 70 3d 26 65 3d 6c 75 62 39 67 74 33 70 7e 32 7e 2d 7e 4e 75 5f 70 76 32 77 38 73 2a 73 5f 31 32 38 30 78 39 30 37 2a 73 63 5f 31 32 38 30 78 31 30 32 34 7e 76 6e 2e 32 5f 56 32 56 73 62 48 4d 67 52 6d 46 79 5a 32 38 67 51 6d 46 75 61 79 42 38 49 45 5a 70 62 6d 46 75 59 32 6c 68 62 43 42 54 5a 58 4a 32 61 57 4e 6c 63 79 41 6d 49 45 39 75 62 47 6c 75 5a 53 42 43 59 57 35 72 61 57 35 6e 2a 77 69 6e 64 6f 77 44 65 70 74 68 2e 30 5f 30 2a 68 69 73 74 6f 72 79 4c 65 6e 2e 30 5f 31 Data Ascii: v=2&r=https%3A%2F%2Fwww.wellsfargo.com%2F&sn=1&p=2c4120a6-8cbe-4983-b2ed-45670688b5d0&seg=%2F&sp=&e=lub9gt3p~2~-~Nu_pv2w8ss_1280x907sc_1280x1024~vn.2_V2VsbHMgRmFyZ28gQmFuayB8IEZpbmFuY2lhbCBTZXJ2aWNlcyAmIE9ubGluZSBCYW5raW5nwindowDepth.0_0historyLen.0_1
2024-03-28 13:19:09 UTC	873	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:09 GMT Content-Type: application/json Content-Length: 4627 Connection: close Set-Cookie: AWSALBTG=YHbe1QUbihmucrQUO4JHIhcvVKBYP9uvN93z7Jh2hmdz1OBH+ibtv/Hg4A878ll+XjPj6vVKpdnbbUDar8zMkVyiU6WPgPPOl6idk5rQ6HlWVxQSXP58X2Q+H0EKsHmmHsxqYWZ0akz09MH6AF3bzfQwuFgRCjkpkxGO3g8nR4HI; Expires=Thu, 04 Apr 2024 13:19:09 GMT; Path=/ Set-Cookie: AWSALBTGCORS=YHbe1QUbihmucrQUO4JHIhcvVKBYP9uvN93z7Jh2hmdz1OBH+ibtv/Hg4A878ll+XjPj6vVKpdnbbUDar8zMkVyiU6WPgPPOl6idk5rQ6HlWVxQSXP58X2Q+H0EKsHmmHsxqYWZ0akz09MH6AF3bzfQwuFgRCjkpkxGO3g8nR4HI; Expires=Thu, 04 Apr 2024 13:19:09 GMT; Path=/; SameSite=None; Secure Server: Glassbox Cligate access-control-allow-origin: https://www.wellsfargo.com vary: origin access-control-allow-credentials: true set-cookie: _cls_cfgver=fc5c7ded; Secure; SameSite=None Set-Cookie: ROUTEID=.cligate1; path=/
2024-03-28 13:19:09 UTC	4627	IN	Data Raw: 7b 22 70 76 22 3a 32 2c 22 63 6c 73 73 22 3a 22 32 34 36 32 61 61 61 66 2d 39 35 38 66 2d 34 63 62 36 2d 61 33 63 62 2d 65 63 66 39 66 36 61 31 30 61 30 64 3a 30 22 2c 22 63 6c 73 76 22 3a 22 31 62 31 66 37 65 31 66 2d 37 62 65 64 2d 34 62 61 32 2d 62 35 65 65 2d 39 62 65 36 33 63 39 65 35 37 35 64 22 2c 22 63 6c 73 65 22 3a 6e 75 6c 6c 2c 22 63 6f 6e 66 22 3a 7b 22 61 70 70 49 64 22 3a 31 2c 22 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 22 3a 7b 22 61 74 74 72 69 62 75 74 65 52 75 6c 65 73 22 3a 5b 7b 22 6e 61 6d 65 22 3a 22 43 41 5f 57 61 6c 6c 65 74 4d 65 73 73 61 67 65 22 2c 22 70 61 67 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 6e 6e 65 63 74 2e 73 65 63 75 72 65 2e 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 61 6c Data Ascii: {"pv":2,"clss":"2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0","clsv":"1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d","clse":null,"conf":{"appId":1,"configuration":{"attributeRules":[{"name":"CA_WalletMessage","pageUrl":"https://connect.secure.wellsfargo.com/services/wal

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:09 UTC	1006	OUT	GET /activityi;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1 Host: 2549153.fls.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:09 UTC	974	IN	HTTP/1.1 302 Found P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Date: Thu, 28 Mar 2024 13:19:09 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Follow-Only-When-Prerender-Shown: 1 Strict-Transport-Security: max-age=21600 Location: https://2549153.fls.doubleclick.net/activityi;dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Server: cafe Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:09 UTC	1040	OUT	GET /activityi;dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1 Host: 2549153.fls.doubleclick.net Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:10 UTC	812	IN	HTTP/1.1 200 OK P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Date: Thu, 28 Mar 2024 13:19:10 GMT Expires: Thu, 28 Mar 2024 13:19:10 GMT Cache-Control: private, max-age=0 Strict-Transport-Security: max-age=21600 Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 0 Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 28-Mar-2024 13:34:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-03-28 13:19:10 UTC	440	IN	Data Raw: 31 64 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 6c 6f 6f 73 65 2e 64 74 64 22 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 64 73 65 72 76 69 63 65 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 64 64 6d 2f 66 6c 73 2f 7a 2f 64 63 5f 70 72 65 3d 43 49 44 4e 34 50 4b 46 6c 34 55 44 46 61 Data Ascii: 1d4<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://adservice.google.com/ddm/fls/z/dc_pre=CIDN4PKFl4UDFa
2024-03-28 13:19:10 UTC	35	IN	Data Raw: 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 25 32 46 22 2f 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: ellsfargo.com%2F"/></body></html>
2024-03-28 13:19:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.wellsfargo.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 263

Chrome Cache Entry: 264

Chrome Cache Entry: 265

Chrome Cache Entry: 266

Chrome Cache Entry: 267

Chrome Cache Entry: 268

Chrome Cache Entry: 269

Chrome Cache Entry: 270

Chrome Cache Entry: 271

Chrome Cache Entry: 272

Chrome Cache Entry: 273

Chrome Cache Entry: 274

Chrome Cache Entry: 275

Chrome Cache Entry: 276

Chrome Cache Entry: 277

Chrome Cache Entry: 278

Chrome Cache Entry: 279

Chrome Cache Entry: 280

Chrome Cache Entry: 281

Chrome Cache Entry: 282

Chrome Cache Entry: 283

Chrome Cache Entry: 284

Chrome Cache Entry: 285

Chrome Cache Entry: 286

Chrome Cache Entry: 287

Chrome Cache Entry: 288

Chrome Cache Entry: 289

Chrome Cache Entry: 290

Chrome Cache Entry: 291

Windows Analysis Report
https://www.wellsfargo.com/

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:10 UTC	925	OUT	GET /activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1 Host: 2549153.fls.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:10 UTC	996	IN	HTTP/1.1 302 Found P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Date: Thu, 28 Mar 2024 13:19:10 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Follow-Only-When-Prerender-Shown: 1 Strict-Transport-Security: max-age=21600 Location: https://2549153.fls.doubleclick.net/activityi;dc_pre=CJeLjfOFl4UDFd0VdgYdAnwNgA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Server: cafe Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:10 UTC	1089	OUT	GET /activityi;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1 Host: 2549153.fls.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: test_cookie=CheckForPermission
2024-03-28 13:19:10 UTC	1017	IN	HTTP/1.1 302 Found P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Date: Thu, 28 Mar 2024 13:19:10 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Follow-Only-When-Prerender-Shown: 1 Strict-Transport-Security: max-age=21600 Location: https://2549153.fls.doubleclick.net/activityi;dc_pre=CLmiqfOFl4UDFXYQdgYdkywNxA;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Server: cafe Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:10 UTC	999	OUT	GET /activityi;dc_pre=CJeLjfOFl4UDFd0VdgYdAnwNgA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1 Host: 2549153.fls.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: test_cookie=CheckForPermission
2024-03-28 13:19:11 UTC	984	IN	HTTP/1.1 200 OK P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Date: Thu, 28 Mar 2024 13:19:10 GMT Expires: Thu, 28 Mar 2024 13:19:10 GMT Cache-Control: private, max-age=0 Strict-Transport-Security: max-age=21600 Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 0 Set-Cookie: IDE=AHWqTUmzR0RneqXpgK8jsl51yer659bGIN36iFghAMYuq2FOXzc75hwX8SIWlTs2360; expires=Sat, 28-Mar-2026 13:19:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Set-Cookie: test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-03-28 13:19:11 UTC	268	IN	Data Raw: 31 65 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 6c 6f 6f 73 65 2e 64 74 64 22 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 64 73 65 72 76 69 63 65 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 64 64 6d 2f 66 6c 73 2f 7a 2f 64 63 5f 70 72 65 3d 43 4a 65 4c 6a 66 4f 46 6c 34 55 44 46 64 Data Ascii: 1ea<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://adservice.google.com/ddm/fls/z/dc_pre=CJeLjfOFl4UDFd
2024-03-28 13:19:11 UTC	229	IN	Data Raw: 72 65 67 69 73 74 65 72 5f 63 6f 6e 76 65 72 73 69 6f 6e 3d 31 3b 73 72 63 3d 32 35 34 39 31 35 33 3b 74 79 70 65 3d 61 6c 6c 76 34 30 3b 63 61 74 3d 61 6c 6c 5f 61 30 30 3b 6f 72 64 3d 32 35 37 39 39 35 37 36 37 39 38 34 37 3b 67 74 6d 3d 32 6f 64 38 67 30 3b 61 75 69 64 64 63 3d 2a 3b 75 31 3d 31 31 32 30 32 34 30 33 32 38 30 36 31 38 35 31 31 32 36 32 38 38 39 34 39 3b 75 35 3d 6e 3b 75 38 3d 57 57 57 3b 75 31 31 3d 50 52 4f 44 55 43 54 49 4f 4e 3b 75 32 33 3d 44 45 53 4b 54 4f 50 3b 70 73 3d 31 3b 7e 6f 72 65 66 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 77 77 77 2e 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 25 32 46 22 2f 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=*;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F"/></body></html>
2024-03-28 13:19:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:10 UTC	1062	OUT	GET /ddm/fls/z/dc_pre=CIDN4PKFl4UDFaYKdgYd4tUFzw;src=2549153;type=allv40;cat=all_a00;ord=2579957679847;gtm=2od8g0;auiddc=;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F HTTP/1.1 Host: adservice.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
2024-03-28 13:19:11 UTC	529	IN	HTTP/1.1 200 OK P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Date: Thu, 28 Mar 2024 13:19:11 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Content-Type: image/gif X-Content-Type-Options: nosniff Server: cafe Content-Length: 42 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-03-28 13:19:11 UTC	42	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b Data Ascii: GIF89a!,D;

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:11 UTC	1091	OUT	GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.118B257&_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pid=2c4120a6-8cbe-4983-b2ed-45670688b5d0&sn=1&cfg&pv=2&aid= HTTP/1.1 Host: gbxreport-prod.wf.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTG=2+craBM2NpGCqcUbcDHLWPK+sG+yERLLGemAr0XIShbTBoWTEijRwz35pUj+/UNc4JTlKa/+SR0oMqJVnq42l6hffJv3LGAiMcB+WND/2J/CUnCf2Sx97Yoy8XJJd0uKVvSqSYXgQcwxzrZCcyCJIFV9QDVLNfwnBPAT2DOxM46G; ROUTEID=.cligate1; AWSALBTGCORS=WtKY4zlHlqFjN7rysBcOeV/yyvkeg122+ahi6KwZXrAH9N2dSW1d9U4AOAOLb+hkwaAa9PrYyhO0AhE484Tfth3Rwss3zcu8MuaOMNsNHjiIYAHratWJ8GSPbcCc1e5zKeMSZl8s6h+5YiIDNurcxWofoZQNh/lOScfbtycUDuzf
2024-03-28 13:19:11 UTC	885	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:11 GMT Content-Type: application/json Content-Length: 4627 Connection: close Set-Cookie: AWSALBTG=sIx1uyocsJktH2HWD2M4WULimd8wPyJiuYDMxTzl7KzY763ZN4m3oGeJM2Iqr1d+Jq090lnhT4eJ+n6VQqdJKd9esc0Kfy67QRbg/uX5B0nria6OKslJwETm+bgzNVXGZ9Gr/UjjhNFsZeZNJgvqow0WmX4G+2omuuuYtxcldNNA; Expires=Thu, 04 Apr 2024 13:19:11 GMT; Path=/ Set-Cookie: AWSALBTGCORS=sIx1uyocsJktH2HWD2M4WULimd8wPyJiuYDMxTzl7KzY763ZN4m3oGeJM2Iqr1d+Jq090lnhT4eJ+n6VQqdJKd9esc0Kfy67QRbg/uX5B0nria6OKslJwETm+bgzNVXGZ9Gr/UjjhNFsZeZNJgvqow0WmX4G+2omuuuYtxcldNNA; Expires=Thu, 04 Apr 2024 13:19:11 GMT; Path=/; SameSite=None; Secure Server: Glassbox Cligate set-cookie: _cls_cfgver=fc5c7ded; Secure; SameSite=None set-cookie: _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; Secure; SameSite=None set-cookie: _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; Secure; SameSite=None
2024-03-28 13:19:11 UTC	4627	IN	Data Raw: 7b 22 70 76 22 3a 32 2c 22 63 6c 73 73 22 3a 22 32 34 36 32 61 61 61 66 2d 39 35 38 66 2d 34 63 62 36 2d 61 33 63 62 2d 65 63 66 39 66 36 61 31 30 61 30 64 3a 30 22 2c 22 63 6c 73 76 22 3a 22 31 62 31 66 37 65 31 66 2d 37 62 65 64 2d 34 62 61 32 2d 62 35 65 65 2d 39 62 65 36 33 63 39 65 35 37 35 64 22 2c 22 63 6c 73 65 22 3a 6e 75 6c 6c 2c 22 63 6f 6e 66 22 3a 7b 22 61 70 70 49 64 22 3a 31 2c 22 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 22 3a 7b 22 61 74 74 72 69 62 75 74 65 52 75 6c 65 73 22 3a 5b 7b 22 6e 61 6d 65 22 3a 22 43 41 5f 57 61 6c 6c 65 74 4d 65 73 73 61 67 65 22 2c 22 70 61 67 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 6e 6e 65 63 74 2e 73 65 63 75 72 65 2e 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 61 6c Data Ascii: {"pv":2,"clss":"2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0","clsv":"1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d","clse":null,"conf":{"appId":1,"configuration":{"attributeRules":[{"name":"CA_WalletMessage","pageUrl":"https://connect.secure.wellsfargo.com/services/wal

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:11 UTC	1032	OUT	GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d%3A0&_cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d&pv=2&f_cls_s=true HTTP/1.1 Host: gbxreport-prod.wf.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _cls_cfgver=fc5c7ded; _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; AWSALBTG=2+craBM2NpGCqcUbcDHLWPK+sG+yERLLGemAr0XIShbTBoWTEijRwz35pUj+/UNc4JTlKa/+SR0oMqJVnq42l6hffJv3LGAiMcB+WND/2J/CUnCf2Sx97Yoy8XJJd0uKVvSqSYXgQcwxzrZCcyCJIFV9QDVLNfwnBPAT2DOxM46G; ROUTEID=.cligate1; AWSALBTGCORS=AMI00pYZBUblZN/9Bmi01p9YmJm1D86di5Z+/tSUvQrT+Do6gGLWzNb3mOfrnPZy1F7wNiB8iXbsuPsRF0FsxlM49Tlvar0qAFXr062Qb8Pjp8LyUCCKxVGwPzwplpy0UJsBy3SdMnv5SW+lNMtkB404Hc/qsMPMYA5leo16EQaE
2024-03-28 13:19:11 UTC	885	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:11 GMT Content-Type: application/json Content-Length: 4627 Connection: close Set-Cookie: AWSALBTG=afM7Hb03tmAYGn+UC9e4C4ANx+APNYJOQD4RjwV/bfCI1U8ohM0Qj952WhrWM6FZe7WywtT80GtV1JgoFBzM6bBp8fyk1g6/QR135lne1/D7qdBExwGjX1bP1P7LyIjBLTgXqfNyLSepylmCb2OEj+udVj3xOzvlrJu1QJzt3aPm; Expires=Thu, 04 Apr 2024 13:19:11 GMT; Path=/ Set-Cookie: AWSALBTGCORS=afM7Hb03tmAYGn+UC9e4C4ANx+APNYJOQD4RjwV/bfCI1U8ohM0Qj952WhrWM6FZe7WywtT80GtV1JgoFBzM6bBp8fyk1g6/QR135lne1/D7qdBExwGjX1bP1P7LyIjBLTgXqfNyLSepylmCb2OEj+udVj3xOzvlrJu1QJzt3aPm; Expires=Thu, 04 Apr 2024 13:19:11 GMT; Path=/; SameSite=None; Secure Server: Glassbox Cligate set-cookie: _cls_cfgver=fc5c7ded; Secure; SameSite=None set-cookie: _cls_v=1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d; Secure; SameSite=None set-cookie: _cls_s=2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0; Secure; SameSite=None
2024-03-28 13:19:11 UTC	4627	IN	Data Raw: 7b 22 70 76 22 3a 32 2c 22 63 6c 73 73 22 3a 22 32 34 36 32 61 61 61 66 2d 39 35 38 66 2d 34 63 62 36 2d 61 33 63 62 2d 65 63 66 39 66 36 61 31 30 61 30 64 3a 30 22 2c 22 63 6c 73 76 22 3a 22 31 62 31 66 37 65 31 66 2d 37 62 65 64 2d 34 62 61 32 2d 62 35 65 65 2d 39 62 65 36 33 63 39 65 35 37 35 64 22 2c 22 63 6c 73 65 22 3a 6e 75 6c 6c 2c 22 63 6f 6e 66 22 3a 7b 22 61 70 70 49 64 22 3a 31 2c 22 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 22 3a 7b 22 61 74 74 72 69 62 75 74 65 52 75 6c 65 73 22 3a 5b 7b 22 6e 61 6d 65 22 3a 22 43 41 5f 57 61 6c 6c 65 74 4d 65 73 73 61 67 65 22 2c 22 70 61 67 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 6e 6e 65 63 74 2e 73 65 63 75 72 65 2e 77 65 6c 6c 73 66 61 72 67 6f 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 61 6c Data Ascii: {"pv":2,"clss":"2462aaaf-958f-4cb6-a3cb-ecf9f6a10a0d:0","clsv":"1b1f7e1f-7bed-4ba2-b5ee-9be63c9e575d","clse":null,"conf":{"appId":1,"configuration":{"attributeRules":[{"name":"CA_WalletMessage","pageUrl":"https://connect.secure.wellsfargo.com/services/wal

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:11 UTC	1008	OUT	GET /activityi;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? HTTP/1.1 Host: 2549153.fls.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: test_cookie=CheckForPermission
2024-03-28 13:19:11 UTC	1039	IN	HTTP/1.1 302 Found P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Date: Thu, 28 Mar 2024 13:19:11 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Follow-Only-When-Prerender-Shown: 1 Strict-Transport-Security: max-age=21600 Location: https://2549153.fls.doubleclick.net/activityi;dc_pre=CJqRxPOFl4UDFUc1dgYdYJsNTA;register_conversion=1;src=2549153;type=allv40;cat=all_a00;ord=4821725510436;gtm=2od8g0;auiddc=76357132.1711631948;u1=1120240328061851126288949;u5=n;u8=WWW;u11=PRODUCTION;u18=33955380241426191774167127150413392378;u23=DESKTOP;ps=1;~oref=https%3A%2F%2Fwww.wellsfargo.com%2F? Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Server: cafe Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:11 UTC	451	OUT	GET /ee/va6/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f134fe53-5091-456a-be12-2dea853e8e15 HTTP/1.1 Host: edge.adobedc.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:11 UTC	418	IN	HTTP/1.1 404 Not Found x-request-id: f134fe53-5091-456a-be12-2dea853e8e15 vary: Origin date: Thu, 28 Mar 2024 13:19:10 GMT x-konductor: N/A x-adobe-edge: VA6;7 server: jag content-length: 0 strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff connection: close

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:11 UTC	459	OUT	GET /ee/va6/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=5afea92c-2d16-47bb-bad5-3f8c2691ab16 HTTP/1.1 Host: edge.adobedc.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:11 UTC	418	IN	HTTP/1.1 404 Not Found x-request-id: 5afea92c-2d16-47bb-bad5-3f8c2691ab16 vary: Origin date: Thu, 28 Mar 2024 13:19:10 GMT x-konductor: N/A x-adobe-edge: VA6;7 server: jag content-length: 0 strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff connection: close

Timestamp	Bytes transferred	Direction	Data
2024-03-28 13:19:11 UTC	663	OUT	POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1 Host: pdx-col.eum-appdynamics.com Connection: keep-alive Content-Length: 12670 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-type: text/plain Accept: / Origin: https://www.wellsfargo.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.wellsfargo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-28 13:19:11 UTC	12670	OUT	Data Raw: 7b 22 76 72 22 3a 22 34 2e 33 2e 37 2e 31 22 2c 22 64 74 22 3a 22 52 22 2c 22 72 67 22 3a 22 30 22 2c 22 65 73 22 3a 5b 7b 22 65 67 22 3a 22 30 22 2c 22 65 74 22 3a 30 2c 22 65 75 22 3a 22 30 3a 2f 2f 31 2f 22 2c 22 74 73 22 3a 31 37 31 31 36 33 31 39 32 39 36 33 37 2c 22 75 64 22 3a 7b 22 43 75 73 74 6f 6d 65 72 53 65 67 6d 65 6e 74 22 3a 22 54 50 42 22 7d 2c 22 6d 63 22 3a 7b 22 50 4c 54 22 3a 31 35 32 30 37 2c 22 46 42 54 22 3a 32 36 39 31 2c 22 46 45 54 22 3a 31 32 35 31 36 2c 22 44 52 54 22 3a 31 32 34 33 38 2c 22 50 52 54 22 3a 37 38 2c 22 44 4f 4d 22 3a 31 35 31 32 39 2c 22 74 73 22 3a 31 37 31 31 36 33 31 39 32 39 36 33 37 2c 22 50 4c 43 22 3a 31 7d 2c 22 6d 78 22 3a 7b 22 50 4c 54 22 3a 38 37 39 35 2c 22 46 42 54 22 3a 31 34 39 36 2c 22 53 43 54 Data Ascii: {"vr":"4.3.7.1","dt":"R","rg":"0","es":[{"eg":"0","et":0,"eu":"0://1/","ts":1711631929637,"ud":{"CustomerSegment":"TPB"},"mc":{"PLT":15207,"FBT":2691,"FET":12516,"DRT":12438,"PRT":78,"DOM":15129,"ts":1711631929637,"PLC":1},"mx":{"PLT":8795,"FBT":1496,"SCT
2024-03-28 13:19:11 UTC	1216	IN	HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 13:19:11 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close set-cookie: ADRUM_BTa=R:27\|g:3f867703-6b38-4ae4-91c4-0aef9c299f7f; Path=/; Expires=Thu, 28-Mar-2024 13:19:41 GMT; Max-Age=30 expires: 0 set-cookie: ADRUM_BTa=R:27\|g:3f867703-6b38-4ae4-91c4-0aef9c299f7f\|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Thu, 28-Mar-2024 13:19:41 GMT; Max-Age=30 set-cookie: SameSite=None; Path=/; Expires=Thu, 28-Mar-2024 13:19:41 GMT; Max-Age=30; Secure set-cookie: ADRUM_BT1=R:27\|i:559461; Path=/; Expires=Thu, 28-Mar-2024 13:19:41 GMT; Max-Age=30 set-cookie: ADRUM_BT1=R:27\|i:559461\|e:2; Path=/; Expires=Thu, 28-Mar-2024 13:19:41 GMT; Max-Age=30 set-cookie: ADRUM_BT1=R:27\|i:559461\|e:2\|t:1711631951286; Path=/; Expires=Thu, 28-Mar-2024 13:19:41 GMT; Max-Age=30 cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0 pragma: no-cache vary: * x-content-type-options: nosniff strict-transport-security: max-age=31536010; includeSubDomains access-control-allow-origin: * access-control-allow-headers: origin, content-type, accept x-envoy-upstream-service-time: 0 server: envoy
2024-03-28 13:19:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0