ocsp.dcocsp.cn/
47.246.44.230 471 B IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash cc7daf8ad2058b437f5b81844f35d0f4
3594e814a931af386325370f4f072c03d7d8682b
ce85d1fa0c69c629d2ffa38f0435a3007d682bdeb455e4d9a809472b96da90dd
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 10 Jun 2023 12:17:45 GMT
Ali-Swift-Global-Savetime: 1686399466
Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.se1[22,23,200-0,M], cache8.se1[25,0]
Age: 2018
X-Cache: MISS TCP_REFRESH_MISS dirn:4:182997003
X-Swift-SaveTime: Sat, 10 Jun 2023 12:51:24 GMT
X-Swift-CacheTime: 1582
Timing-Allow-Origin: *
EagleId: 2ff62c9c16864014847006493e
www--wellsfargo--com--6549329d48d6c.wsipv6.com/
163.171.134.56200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash fa29b1f1d5b9aaef40c25fb87da150f5
5e7013ac6c8951c12ef8494e2bb0ddc9f567777f
8b107a33df75db9c55ae77b17851ef587f95ecb03e0ab9703d47da30493ff886
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18965
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-03a60fb5-b49e-4832-b2d1-72c6dfc4dfac' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18892 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176; Expires=Sat, 10 Jun 2023 12:51:54 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:51:54 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:51:54 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sat, 10 Jun 2023 12:51:54 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:84; Expires=Sat, 10 Jun 2023 12:51:54 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306100551241908942600; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:51:24 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; path=/; Httponly; Secure
DCID=veSdxDMLNAIQaY5GqsPq34EOfRbtz72se9sHFC0b9OI%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:24 GMT;Httponly; Secure
_abck=21532D51416DC14A5661DF712B0898D9~-1~YAAQTpbvUDViTpqIAQAA+YhcpQpxmnW54ixfF7totqag2lnAUnQE153j8RDhkxgXbK+crNdr7gCreh7ZBpppRY1wqXBj60aVWQaQMP5CM6Yf3j37L9UnPYM5cxAb0IejYM2R7kJk+6qQoNA37a6oIGn+ThTsCHOVmK5Zgc5V/JEZVFfZtxeE9kgDTLc043aJrQagLYAFBjvqT6UWQvVp9d9wVKz620cLKHSxvJclPPxFHObglMzTDU/1hm1rhJmb+DX1E6r5fj52pYqH23xmmkSIxbShBeifer8VyeX2PnxsAvubIaiYyPmfI2si4yFBi3jhf7uorr6WOybqF7XYteSaO3N9RvOnZbOslfpt/vjkjVSGONXVnZYED0U9Epgu~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:25 GMT; Max-Age=31536000; Secure
bm_sz=1BB104FABE7971D9FAFA359DA37C2EE6~YAAQTpbvUDZiTpqIAQAA+YhcpRRus61a45y6KJunD3FDX9t25ojmMjSb125hD1BtwznF0m88b/YN6LeeMy3oPkIF4UfRD/GPNVkteHR/kDi7gJikKOaYuJ+WmPjkTYgDxsK0t3zypLf2TeI818pLLv07ySJvipZ/257A4rfzTCcaLklQ54oJ6+oIoUqwxhnz0fFSYhEuUV8qfZRBk4LoLjiygQMVdOl3orYg0WLbnPyGUJxQU7dtg7KiSTmdAKEEtIlGWh6GJz9dlo6/tZQ+SdiADGxm9fO6KP0O6T6Z0BNUdfO+7DIL~4342583~4272688; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:24 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cc_VM-ARN-01cnE31_22189-17662
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=477435
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.27200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.27:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 10 Jun 2023 12:51:25 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=0lMSNKk+RPSaXzEeghPjLQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=477413
expires: Fri, 16 Jun 2023 01:28:18 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=477622
expires: Fri, 16 Jun 2023 01:31:47 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 76 kB URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 0d61b4e4742d5251c44efcd5d8166a2c
04189d5a539c1cc84fee87994097919000f3434b
c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: application/javascript
Content-Length: 76203
Connection: keep-alive
Stored-Attribute-Sha-Checksum: c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Last-Modified: Wed, 26 Apr 2023 15:12:26 GMT
ETag: "5b60948dc39561fee36fa77d7eef5047a16cbdb8b05e43f4f2fbc918f19cea08"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=BOSNjLSf6VOriCtHNsH8qw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=0B6F637E1353CE37A8A44582E9635EC3~-1~YAAQVZbvUMBw252IAQAAgopcpQq1Gca3p2Go5BiReInKnY/sCVi4eGY2iqCkGnosNSydlyP2pN1t5JiT3NaYi8r7zNhRINzHKgmlEtV7XJujAyRgh/nfKfmuOm69gh/Bi5mf7TZIrJYord0tE2aemW+T9F/UkErFLZfeUrNu1iKIXETFUa9BX5x5ZcMIHn/uM0kL1WkWZqlYGI4ucR9x0nFCBm3W9C+dKD2It2jGQN+0omEdyjEpTVaOQZQiZZ86rs4D+lIQ6li/6u/2+UYYLKmXKDk9bj5PYKYFIu7UR2bkRYxXkYnkV/tgLu1zpZWwkWgn80SLM6xM9rbBQn+O0hkXSae0UE/dcX7JHef7MKeIsQpK/Wch56c1m1mXJyqh~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:25 GMT; Max-Age=31536000; Secure
bm_sz=F85035F3A15FD1FCE7D3D41C7C74A4AC~YAAQVZbvUMFw252IAQAAgopcpRSkOpoN00aXKh0K0qzJiL9peio9Qm3uWX2lSWQRVAaoj7k+DlXby67fdrK8s/gNIeQsSnudUPn/1J0WLWVRU2LJHJSYN/DdbzkrPfB8Vb89iK4DFvhfUGmDmKusNHRGf2MkbcOVKdWlNWqRNCC4RIJrkbAIDetl+HwdrwVH4OP+i+tDCON6RIX+pCCySdzQyDKYu+T0I8fhT32MXTleXq5mbhgsfsysY3zpWq9DkNW5PpUN2Vk7gTPRlmEpIDwzt1Up+8R2G7xopoXYbUwsAM2cpSfw~3355192~3424819; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:25 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22227-19072
www--wellsfargo--com--6549329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.134.56200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 639612224995638b19908ca003c5c27f
8dee285a7b72eff0120b7095f5874ef300155be7
b06999ab5fe0fbfcbae4fcd87dd59688cbdf1cb68023b52fd441f3aefd34db1a
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: text/css
Content-Length: 24054
Connection: keep-alive
Expires: Sat, 10 Jun 2023 12:39:09 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: W/"6463d1ea-2b00d"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22227-19071
www--wellsfargo--com--6549329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.134.56200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sat, 10 Jun 2023 12:39:09 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: W/"6463d1ea-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22143-14625
www--wellsfargo--com--6549329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.134.56200 OK 59 kB URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash a933fdd4ac4b1b509156b6d8e5a3f6f8
333f8eeb5ea0eb2f178eb84e2f05889ae6003d24
6097c62137472315d46a883ed1c7f75f8f3ca70dab8a485f39a02a0ab92b906d
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58984
Connection: keep-alive
Expires: Sat, 10 Jun 2023 12:39:09 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: "6463d1ea-2d1ae"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 VM-ARN-01XDr43:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22147-24871
www--wellsfargo--com--6549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.134.56200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash b300ebf9a3b36b73d98d2b8ec8113ee3
36c5bd856c3eb96b483c983df74cb8f1160a9771
100e37e0181addb9fe1b61021f225c7b9f465dba18ba04764b2e1f36bece3f4a
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4283
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 12:51:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A4iKXKWIAQAA1ZBpCLvPFItWix-5RvLeAFDnvWBE_enxbpOQ2yEfGFQNhAGgAaOrhiucuNk0wH8AADQwAAAAAA|1|0|6efaf39b826c204ba9214cabdb314645ac8c4fb3; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=vHmaquCdcbYc7lXPBpdIOPekVIqCIkniRbOE%2fU1VTHs%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:25 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22189-17663
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.27200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.27:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sat, 10 Jun 2023 12:51:25 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=QzGsZicEDtmK7578N9lneA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15086042
expires: Sat, 02 Dec 2023 03:25:27 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15089924
expires: Sat, 02 Dec 2023 04:30:09 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14982212
expires: Thu, 30 Nov 2023 22:34:57 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15090806
expires: Sat, 02 Dec 2023 04:44:51 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=14982216
expires: Thu, 30 Nov 2023 22:35:01 GMT
date: Sat, 10 Jun 2023 12:51:25 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.32200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sat, 10 Jun 2023 12:51:25 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=0mOLD5PEBrhgRqkpfkm0HA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1923
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=8dRVyQ+TXf88hc3mcsZQOg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=8dRVyQ+TXf88hc3mcsZQOg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=DAF0DA0D8B112651CD575A644326714A~-1~YAAQVZbvUNpw252IAQAAMYxcpQouVlO3ORBQvFuUMpHmtLyW86ZHUfh6N+baeNCXmMGzJoXctv5bHIC+WOmCRQqD6wcQKYVPbI6kdbZ+ls8xFC8P9hn1H1uGsN/HfEQhvvCDxacTfWLZigwMPm/YVSNP+R3ksmYdWVoDYNDadRBIvrL1fVq1uHTi6MP1TR1X/0na1fN/VW6zRUepO5Mi7riQvFRHiJcBBMLj5/3x5z0bXQnTNudw1FDA5go31c8ACyB/Nm8DC70rNJnCSQWtfto9hfqWMUszfLgLmIqCclUMc9SToPfgRzvUMP9lBD01BYUotqN0pFe+/VsQyTxTeayiTik+QGRa1FRWKinKR+cfH7ImFQsi5JHpBXvXAXXu~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:25 GMT; Max-Age=31536000; Secure
bm_sz=B665AA1013AD1F69E54B7011C51CA020~YAAQVZbvUNtw252IAQAAMYxcpRTjWI400wksfX5eYBGqrYiTCZeoS9oYRRli52DS/81uzeic1Y9R1bwJeOsuVgJXhsMVODuzI3ThsyJccHgQXYD0zTPUrnDDnS+zMlhbtVkRZxsJAy/L50wM14OzTfRP7Ikr7T97ByVDUF1cBRimZRTgf2Pnou63uOf+STMtkxN8/Lcsnrq/IkwQXt6YAolxCZGcQqfEj/jTIbsyueT8l+5eoaOwpwbwj2I/t83yyLt/9uCtU/BdZMvSiz7BYIaaeg4frtPKZsw/3xhlXhlJ0Q3wRQAT~3355192~3424819; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:25 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22143-14632
www--wellsfargo--com--6549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEDtSKWIAQAAg_eQ7w7J7ezXIFOEiXBwpcjQxhU9bvVyi4rbGIs_ULDDJlIR&X-G2Q3kxs3--z=q
163.171.134.56200 OK 150 kB URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEDtSKWIAQAAg_eQ7w7J7ezXIFOEiXBwpcjQxhU9bvVyi4rbGIs_ULDDJlIR&X-G2Q3kxs3--z=q
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149722 bytes)
Hash 6bab54714f7332dc0b4d55594144fe42
5ffbfbd258c32e777ef8f6715b130f052475c255
fa9d6735bab7fe68247aadddd429999335166266b1e2be65f7256cdfdf088528
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AEDtSKWIAQAAg_eQ7w7J7ezXIFOEiXBwpcjQxhU9bvVyi4rbGIs_ULDDJlIR&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 12:51:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A3uLXKWIAQAAcxYE6tkgFqCO3ToaOnZJ-W1CXBhmzOofz3P2oDZFxcsfP7UsAaOrhiucuNk0wH8AADQwAAAAAA|1|0|ba5a0083d39db7f1be38d2cd512637e06d921270; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=HF0FZFpVd7+4g0cWC01ywb0Zijdnh2IjaIZomkpIgdg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:25 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22227-19076
www--wellsfargo--com--6549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.134.56200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 12:51:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=uZQivwD8xCMIxw3PLP6NpUbHNNUMc9RgsUglfW9LjN8%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:25 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22147-24876
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15578
expires: Sat, 10 Jun 2023 17:11:04 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=477608
expires: Fri, 16 Jun 2023 01:31:34 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6549329d48d6c.wsipv6.com/target/offers/conversations
163.171.134.56200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10671), with no line terminators
Hash 7a4a7ad1938dec83a67e40fa432ad271
bd6f51d3a91d5829fe9cfc6c5f439a3f49aa796f
ccfe0b687248cae22eb9f79365932a705cd1aa76f31595faf38322f3abcb5386
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:26 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2099
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-66b7aa40-c079-4f4e-b4e7-25df5d4de173' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:8a0edf8a-0c22-4e60-a839-301e91e5d176|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:84; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca; Expires=Sat, 10 Jun 2023 12:51:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:51:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:51:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sat, 10 Jun 2023 12:51:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:124; Expires=Sat, 10 Jun 2023 12:51:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306100551261274847147; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:51:26 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=8509898CD20628E5FA163BDE52835F7C; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=4975gPhTsIkhmIAj+RvdwfxOjDkrWEAT59ZwfvGxvZlAut%2fcXMqXqNv28s3L5m6X; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:25 GMT;Httponly; Secure
_abck=A7EA06E81D63CC7C1D2B089E728695E2~-1~YAAQTpbvUDhiTpqIAQAA6o1cpQoJlrv51sC6v5Mu4BGKIHbnuuHgixQ1Qoicb+CSveEX2XeEAeh9F6I0wNH9k9d7i0w1aNwrLrsQHdWKnDNkPaItDrCajMML5auedOw9nqgeBTUJoCvA66LeTZlJ58v4kuf8rysU8T0gRDKBglkG1wotyg4NqwFm0+tqty57GRM2eyPoRxK/4sQ0a2Y+oif3S7bOZqQItWQ3lm1stJZgPcWTzLMcLjmyR4BGdNSW6jfwkrldoEYz6d/4kXk5vZO/5x9kgtfarg6NKZXTcBCj3DM/lk3gyDfvrj+DvsWxr4p9nuI3kduYqWP/tZz94pdzJOVWWnn2/FBMf0JmQFLDc8F7MX6QNS5jORi65nKf~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:26 GMT; Max-Age=31536000; Secure
bm_sz=675D8B22A2F50AFB17532A798894421C~YAAQTpbvUDliTpqIAQAA6o1cpRTcqvipKGxGJmBTm2MtODu/C8odG1o8xbxujx1kpAUkc0hRNhvyITzKiLB5/E/hbAcmYActxBYMSMfm18ndJ9OaJ11Ie2dQySvjbvQOcdvdX3/1D6GWcxUpuWQUjrt1c45ZkPEtk3MTmbgPNFQEgCWy6MJ3R6993QF3guelmuLL+JQfT3daLvsGswxaaYqDrQyAIH0VRYMu6TwKiZeBIKgVg2PfnqBWLAGXiyyzBD4vQcpWYaxi18kY44QfrcvlXeKU3oAGZ7QmlJPfiTwl9/GESJ0E~3355192~3424819; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:25 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cd_VM-ARN-01cnE31_22227-19077
www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2847
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:1$_ss:1$_st:1686403285340$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 12:51:26 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tlAdymp8AprLQWw60WomRw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=tlAdymp8AprLQWw60WomRw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=D5B2325EF61C1BDD0B48A829EBD8BDE7~-1~YAAQVZbvUO1w252IAQAAWo5cpQpY5jvKnWm2EU/+xbefSlN80hafbChiqn4qu0LYiPCJP5rVn5Q0268Bd9TZQPgiS0w2EcGtaTUSPuTJjzUxkJcw9MZ9LI1lqY5BOJr2dq3viaB8syDaME/eeVxKDuD/xyRK/yYX5uwHi35iEEcZ0uB30IsV/UeGhsiDNEzimb4a2IP/ZkEl7vseIR0v5jnlpq0MzzRO8HqW2DCzo3OqOwSH8iuNQ+IHwvt/n3Ec5hSrUmvEawI/yc3TxWHPtcO+ZsDzneTGbzqq8lzw4LHZp0sJcZSv9gLptwRd+sIyOhd7DfcExeqiI70WH+sxxgS9KthA+2LvxjnwZIbZq0+AoqU5RUmRjSTATwTZACjb~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:26 GMT; Max-Age=31536000; Secure
bm_sz=B5B89D64808FB0EE82525DFEC1FC2759~YAAQVZbvUO5w252IAQAAWo5cpRTgHUK16ju8+vL/J3/sD/G8jW3duvp6+QPo2MkgTJu8M5lEv1/iBlxTS19aXGq6G31Iff3LhSSxEFH9+nmjBVvb6+f780bnQvsBX4+G7huPx4bbU4OFkMlapQXYjP1YJNjy++aBpUNb2/wsjsE4BOpnhEriApUE/6gOzsPNdcg529bSdBSNeTWLkb6Q3ZPTnHtF0DpKsDnfjTrhYZ8CTxSqgPGHKWcqp7Pp6NnNtCOUNZSyGA+pwqCBOhx0kDlaACpjZMpqWHDuG7fcrA/PMUCqcoH4~4342578~3682871; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:26 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471ce_VM-ARN-01cnE31_22147-24880
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
104.110.27.78200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=477435
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
104.110.27.78200 OK 13 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7d601c2b059838fc333feb0e3e020fe1
f57bc430ce2a2b0c146e8d573569367c6bf75bc3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c53-e73f"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 13330
content-type: image/avif
cache-control: private, no-transform, max-age=477518
expires: Fri, 16 Jun 2023 01:30:04 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
104.110.27.78200 OK 27 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 45a212ca9acc61f0bb2570fad9b1ef6d
0766da6abe3d736412ceba81a699a55110feb6b5
99dade4264e8d662c215bf128f8911bf7e53123d661d9783c0a4260970fd51fb
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505838-e489"
last-modified: Thu, 20 Apr 2023 01:30:25 GMT
server: Akamai Image Manager
content-length: 26587
content-type: image/avif
cache-control: private, no-transform, max-age=477515
expires: Fri, 16 Jun 2023 01:30:01 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=477564
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=435896
expires: Thu, 15 Jun 2023 13:56:22 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
104.110.27.78200 OK 24 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87b3f9d652a18e74ea8ef53a99b251d6
8773c9b3a11fb9247039d731888724ccfb74bb5d
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c49-e902"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 23508
content-type: image/avif
cache-control: private, no-transform, max-age=477505
expires: Fri, 16 Jun 2023 01:29:51 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=477481
expires: Fri, 16 Jun 2023 01:29:27 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
104.110.27.78200 OK 2.3 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 3ce78d6dc48322da6961f79a42940dab
528dce02a84b67925d3e41632eaa418f0de7ad23
a137906477e02c4e3a756f805d90072a0c2e5c0d50290f0932de573ab29de76f
GET /assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "641a0e62-1da30"
last-modified: Thu, 20 Apr 2023 01:31:14 GMT
server: Akamai Image Manager
content-length: 2317
content-type: image/avif
cache-control: private, no-transform, max-age=328122
expires: Wed, 14 Jun 2023 08:00:08 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=477576
expires: Fri, 16 Jun 2023 01:31:02 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=372353
expires: Wed, 14 Jun 2023 20:17:19 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=477438
expires: Fri, 16 Jun 2023 01:28:44 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=477564
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=477440
expires: Fri, 16 Jun 2023 01:28:46 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=477721
expires: Fri, 16 Jun 2023 01:33:27 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=477406
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=477458
expires: Fri, 16 Jun 2023 01:29:04 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=477560
expires: Fri, 16 Jun 2023 01:30:46 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=477748
expires: Fri, 16 Jun 2023 01:33:54 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=477863
expires: Fri, 16 Jun 2023 01:35:49 GMT
date: Sat, 10 Jun 2023 12:51:26 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
95.101.10.136200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sat, 10 Jun 2023 12:51:26 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Vd+SKqj%2fs25v9RMpv4JYbWc8ftAHYR09f6LIHH2Lyf4rXBAG%2fMNxl4LS1emqST+d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:26 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
95.101.10.136200 OK 150 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149492 bytes)
Hash 26d0dc505619803132fc84d49f60a4c4
3858497e83e4499d5d32fe14cb283cc51f1e9005
7489ef97dc19e41da16de85172f5a8e1985b4df8c3fafb70d3e683824b871464
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 10 Jun 2023 12:51:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A_SPXKWIAQAAIJ3QcaLUyGXMnea0dlO-DHZeh4o8_KoCj1VJfkxl-QspbXK4AVtaKpqcuNk0wH8AADQwAAAAAA|1|0|8cd2fcdab4c64aa4075ceed446f1e1ae62746a6c; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=PGV98nqN9aD2bjKnhXtWNI8FmogovHuyAwMnqMnfar8sjg3tM1IKwPNVTETHu5f0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:26 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.134.56200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 24e038ab809161cdbb27c52565d8ccc5
ca6d73652dfe2efd8b63e3d25cc7750a50048d61
5315db1bb5e02e72960ffd05b1afa84f71c39a012e15c34077653e9c2342c118
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------20443115521316385371863898784
Content-Length: 169
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:1$_ss:1$_st:1686403285340$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:27 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Tmb4G6rQbskQKCq13BqdAxuegkQM0CnlBbOEK6xm+ME%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:26 GMT;Httponly; Secure
_abck=E759DDFB28EF1D520289FAF84B25A99A~-1~YAAQVZbvUAZx252IAQAACJFcpQrUoxVpwmsOKyDUozsVtTuaAWeNPAliUPHJJe9gGrAHBR18FluPg9LuruJCLpVGVpWVDuSg0ouxVFgpYxYEk2ZOHxO+BXbwkVwYSGkhGq6qJNOjG6cg48b5WPk1qZbDkrHNO6PJ3M7UQHL8qQrzlyl6XfDrwzAc55oU6wJhnExI08xDfoUkKjPfcnbP1mJO6xWg1hgIPLF/bvM+T6jQ94kc+3TNXG9ZckR7Q0sfz2ksMWI3S1Vbf9ckekjUzjI9s65AET+pi67ZcyJ5q8vSpeWX2rNIXGj0a9HcSGyt6V+MNN8iYazYT2Ea4n8Am8+J0fOtZ4F8RJ/uHZUS+bVDNtorbIapeM8ABz9o0pp8~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:27 GMT; Max-Age=31536000; Secure
bm_sz=BFA68A67F63A79BF2CF7D667FC6BDD42~YAAQVZbvUAdx252IAQAACJFcpRQBSr8axYQI2mev4N0VPGfy8vLZtWf1K+EjzctmwjjP3DfNhjPY/pTaqapFEosi/JgLm+kvtGHXhkr2rFiInVbTxMJM00iPHHRZPBPEQ4kuIVr9icJd6O383nGTiRU2lu3CLGeWQPOWTyKe+CH5LkuRJeCSSA49qFVyNJbc7AMlJJlKD6EF+oCreLVZNt8rfvRc1M40a8KexOW5hTCjYggmRXptgJkXEgb2/JXc6OWm0pseFc1EXX/KMidhnPZ+OY5g7ks3gV/L4URfWENtAP6whqub~4342578~3682871; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:26 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01XDr43:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471ce_VM-ARN-01cnE31_22147-24884
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.32200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=lvV6GnrFD8k00mtmsszYug%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
95.101.10.136200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=sX%2fvIdmq8KllJxcyYgsn%2fA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
95.101.10.136200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=WnehOOxPGHk3FHBWqr%2fI3g%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=0KMUyAsgNK4w2YvZuISOoA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
95.101.10.136200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Wb1RmW+sqsrxSGCltH4w2yUP4Y1Evx142AZj3IdJTfKVeF4ToTsqEF5NWcnVnNUQ; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.27200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.27:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=MAwMF3WbmI9+sdZMs4xzyg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
95.101.10.136200 OK 367 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65439)
Size 367 kB (366646 bytes)
Hash ed876d09f51c9e3bf7a72d9cd0c6ba70
1451ebd78f86e66969ac4dd31d52744cc68fd9a1
09d080b8cbf4892422de75f1a0f2ce43e3c9578cf6179674546782dacc6178f7
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=NWYwIDmlcrtFuT%2fUuI0vHiiQks8VFCPywVcBWXIEU5rGng3zBERkBp1JyF%2f6Cr4j; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2683
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:1$_ss:1$_st:1686403285340$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 12:51:27 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6hcWbvd%2fzuwHiF%2fVLjpSUQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=6hcWbvd%2fzuwHiF%2fVLjpSUQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=B2791D1D0F5188829F445993FB4A3BBC~-1~YAAQVZbvUBlx252IAQAAhpJcpQpSjouJw8cWQcvDiP+ZFrwWzS/1PZI+in7xxmpvpHFDyAnddgwa7O4qhnY2JbaOpwj3lK+wDGVLhKuS9DEeRdZNz68RCe0wSkc6PUG9LyKoIMMX1ClvWCSD7Znq9J/TjJFvtoS9Aqxjo6xo4YO4rJF1iEbEOww2Hhozg8VUfEkLM3o5sZnLV/NbmpOk5pyS/VgMCNLyvB6Z5R9Yp1dKQSuOazaRlHlimU2Y+RiTp/laYHwK32FT8CSbzSNz5nsrsnBY6BSI4G5xQuaba6200dTZBJaChvSILvWHvWWdVB15bAmIQzWvIJd1pCFd81hxqAZVNPRRBYhQ5SDvly/FMfGvwt5Dh9WgFsJ3S3Gt~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:27 GMT; Max-Age=31536000; Secure
bm_sz=6B2545B46CEB31B89717DAD55EADF056~YAAQVZbvUBpx252IAQAAhpJcpRQAmD5tQQwR7APXLuNMSg3cYIsToTz7PxZJv6YYWcTYHfJ5Bf57VkWDDOew8ZICzEVM0U8ihbjXtOlbXdKK0Nwo7XUfFN+stJ0qxgkMFq41d//EHZGp0pAnxJ2sVqj3YfpU0Sk/15YORJFikZNR1YHGEwQYbr8U7PGepbHSP82cEIMqMBMpUvrOgGajaRe2l5yv7rB/w91Fl5UJBXk1ZY0c1j05S6e9i6VU3v2xNf4DcqsFN39ggT3C+HtMPvtM/CtVNTKfZoxj2+jtnoVhJh3RWNiV~4538678~4405048; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:27 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22147-24886
connect.secure.wellsfargo.com/AIDO/glu.js
95.101.10.136204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=epABynz5vKwqdKDdJDehf306sL+XqK3Lh3GWlxculwt4ufbiETFXRjL8j4ISpYjS; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
95.101.10.136200 OK 308 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 308 kB (307653 bytes)
Hash c85014374233a557bb0c3371506bb5a0
aeb987debdb406b79606440a165a027770ee03c7
79c53c9a2acedfe344e6246a510b6c7a687fb868006a15f7afd5886a1b88abf1
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=5mSOr73LKYCZHlOmOPUcZQ3B0edtGQdKuzCdftSghmE%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
95.101.10.136200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=4HVhQnFwNciHK1fGknHsc3aBp50LnOe17U3F%2fgcJcuuHjKkWIytkUJsmNpjHbEWs; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
95.101.10.136200 OK 331 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65446)
Size 331 kB (331228 bytes)
Hash 6ef479c44379f2b9baec883c473a53dd
6d971f4dc64d2a685ca927c90021ebaa601c2726
11b00cbc413cf23b0f7d71dd7f65469d1eae548afbeaa034f0261307093d1d24
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Aec5hWQRHjQgdj9eCzgvHd2yClHsV%2fyg5D4GEL6Fn6sJd0spzjkIC+tMePyDKzaf; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4gkuMnWxNfzRKgn+qdxPww%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4cvzy5QuRE9XAcdvbAQHfQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=AgDWVezXsYLzcOn6aHwJgw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b%3A0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pv=2&f_cls_s=true
23.36.79.33200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b%3A0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pv=2&f_cls_s=true
IP 23.36.79.33:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 389db68f347b7a6053e38048e1a9480c
1c2d3afd0b39eded23bdcdd65e74f9cf37bb3467
e8ba6bea4df2d785312cce706c4eeb627eeb66a639b9c30c26b70b0a83ed8b94
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b%3A0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!hy4NFNoA1yCYkcfpnNE5eVRfS7HzY1+NDqzvMXP2qStMKiP2iz5yKe+tiOxLF3x7n7VJPJ/BCa0Q9w==; path=/; Httponly; Secure
DCID=8AIZTypzK4M7fjEJA9Xj48dyXHj6grX3zET%2fgWzL7gULwULJZMIxDyxavdqXTwsm; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.27200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.27:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=D036muyn86F5CarD1QI0pw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.32200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=jKVbAcj0dtHS%2fMGA1E%2fMjg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.23486184333671467
95.101.10.136204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.23486184333671467
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /PIDO/pic.js?r=0.23486184333671467 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=J4mvkevYgAkZ0yR9Gea8ZkWSUdpFq9Cs+hfnCobnLZ74sav5swXJkXFP%2f3y6wHNw; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487015&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487015&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487015&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:27 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:27 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=afzRZq%2fJyLGb+wEvSeUKe4bf9imK3A+9r8gLRD0Z7KO7mI%2foV3hSW%2fILr+6irhjE; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22147-24887
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.32200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+F+d7UmawkrIuQCgxTiu1A%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487048&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487048&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487048&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:27 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:27 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=PsxLHU%2foBD3LjTUxhko86nmvz0miuTtEruoG7cjCHMAtTUcV4B9zfsIBYNwgbC5M; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22189-17691
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.04731691057946319
95.101.10.136204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.04731691057946319
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/mint.js?dt=login&r=0.04731691057946319 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 12:51:27 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=9W7CmH8zefXxVWpfpTGWMCL6ohlvKAebOxlBXTJ1j5w%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487039&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487039&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487039&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:27 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:27 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=8CMVCFKJcxnt4c41RFkPTZ7cjtKMgiHPaIdmMWLpchjUAfL6piQqM4U%2fIyJd2DF0; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22143-14641
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487029&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487029&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487029&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:27 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=DCvwlwOBZrSjTW5nj5YyetoM9VVeKTCWvc5Egxp+HjtN6ntukcX8oDIJDZNDKtl4; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22227-19090
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487034&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487034&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487034&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:27 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=YzAMPP4Z4spMhVQQegDuvOpauP+cmfalWFKeLLXCHHzVSTYupsQ3wS5XE+q6gS4j; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22227-19091
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.32200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 10 Jun 2023 12:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=hZZ6AjJXoRxBV+SCD60XNg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=1&cfg&pv=2&aid=
23.36.79.33200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=1&cfg&pv=2&aid=
IP 23.36.79.33:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 389db68f347b7a6053e38048e1a9480c
1c2d3afd0b39eded23bdcdd65e74f9cf37bb3467
e8ba6bea4df2d785312cce706c4eeb627eeb66a639b9c30c26b70b0a83ed8b94
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2802
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:51:28 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!JwgYmKFPKh9N0yDpnNE5eVRfS7HzY23Q4ZIn/BzoPoF5ESkdRLpxrqaLrkL9r1tbHbRO0WMfKXaW2w==; path=/; Httponly; Secure
DCID=rU+PUtQ7c%2faKutDI2WhXNQhgDV2KiuXgyQLCppbFARSYTRMTKhM6kfp44ZnjeI%2f1; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487052&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487052&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487052&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=fXTbUh6PFOjb0H%2f49jcVEUKKKSM6JiyJenj67wF8Cu784tpFEbFQEC%2fklBSZb2LN; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22106-16071
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487057&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487057&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487057&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=KMVAdxixCaFs2HJMA+c%2fJ2Hp7EPOx6m5GYunMtgP0XuKL39+kieHskuqvf3MWSeL; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22147-24891
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487065&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487065&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487065&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=pJq8dQiz3fBAAJrwTPWNC3bVshxqBcejsP9MW3hk0koCSM7hs9gh5frb38mbCezb; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22143-14642
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487075&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487075&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487075&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=z09YV4bmBGg0yFPuIaW16OiTn2pFHE++V4DnUmTzug8wjvHrPt02o825Ggi5c8%2fZ; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22227-19120
connect.secure.wellsfargo.com/jenny/nd
95.101.10.136200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash 09db06635b5109a65c2185e27857932f
38195b9525ffb672088061dbb53f105a94a3f7fa
b10c5fb8fa8b0a2655f18977ab811df0a1328aa803fb87dd7a62a7ca3f83cb47
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17921
Date: Sat, 10 Jun 2023 12:51:28 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:6f6708ce-f627-4af5-9110-34a45f0138e7; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:6f6708ce-f627-4af5-9110-34a45f0138e7|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=69BNfJ0vFRic803R1l9sbAQTlTG+yAfug0CjjikfD1sUpYzvRMtjIFDQQvvy7YUq; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
_abck=2CF7B351F16036E633B894F2C1D9A60D~-1~YAAQhAplX7t9pp6IAQAAp5VcpQoicUVX44jtq+XoMNGLlyD47wuJpN5gOIHsopAsGfY8ympf2K8wiXHv7AL+VWpsFGbzgfBk/eT5PfRl6UKiUYQNR7+XudIG5bZ2PPOkgERiSYzTSVg3b8luSDc2Dd+kd15mFVL8LeJUodSiTRuJ1A3+4yGT+ogiINAVhToBVf7iqsNJCKI1DdfeZJ7jKo+HqCJA1LmJ221ROHCOo+b/c+9Wicrto5CJR/Sag9YRUi/I45ica8ytLglC7/Y1B7jEKYUkrQ3Bx6HwqPj7ETvam0XCnq4dX+1aJDDKlATpxQYv27SBThftknLk+I2c3E9nBGqsbCIs/xFLvHSGf71pBYNm+nT6A4Xqgq5WW6Yt~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Max-Age=31536000; Secure
bm_sz=8B5D5BCD0C76E9EF87A08C761D476BA0~YAAQhAplX7x9pp6IAQAAp5VcpRTF3lB3P9kQ66/jQdE0PEXbkZcR70ivPjuY58JoEBKcPaVBLdFSfYHEnDQ73VJ1MCtU45cy3opxq2wGoReHfqQEd7TiF7K0Mu+YvTH/2cWXqYbF5ZsP9vZ2Y/UOR86Szu5MY7ui7MgKils6LUxIOnWOMnvP5pEzBC985AIKvJcX8b5FUzBr8pRGpulPmFMKk6yAY1/S6yfNQwmQ5w2YrnjMtP31ZbyeiuG/fWl7AvdE7CZoGYo1g+8AWV2HTO4pwBLAUfLAQuF2D6BhaXmAuDdyD5rU~3552578~3616835; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ort.wellsfargo.com/securereporting/reporting/v1/csp
95.101.10.211 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 95.101.10.211:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3358
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 9374f520-6cc7-4c68-587a-6b27551b74be
X-Xss-Protection: 1; mode=block
Date: Sat, 10 Jun 2023 12:51:28 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:a72030e0-3ec0-4fde-bba9-7863fb4cfdc8; Max-Age=30; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:a72030e0-3ec0-4fde-bba9-7863fb4cfdc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:5; Max-Age=30; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:5|d:5; Max-Age=30; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure
DCID=Cd5qUeSBNJ+z25RGsW0k4bovT+h4sbbk8ZcbblEOzo4%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
_abck=F619994334CC0EFB87972679567BD1F4~-1~YAAQzwplX1V6+KSIAQAArpVcpQpsZuiHTdoTk4+2QWAl5jewi65cRJcg96l1ySyskYvkjF3hxBer6W3ErtypL3J0tJsS6eM8gG2PAXKo492M20n61JZzowCRA0rG/QKvQdCRkl/Kcft0UScAmKJFUFlveczGgBJm4hJlhemSev2JDb8JW9xTFJgKAbHwv9NFQTcLbM2kSS8a6y4rWVEX1tHeHyOex+0ypfllle4OiQinKca/Nqk4Si6neMl+XTPMas57rCIjyl6ZhU1VSV/QNG1EQgIR0tirTO818PhJXPZo98ZN0TNEpeOJG/LY7K65sjlWd5mcpLfKN9Stq8FHrZwCkVuPH7e0IPL7Cuzvb1JI+StGRhWS0VXTsAAq/PmF~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Max-Age=31536000; Secure
bm_sz=D4715ABD2A096A7EA6C9D7275A2AC0DE~YAAQzwplX1Z6+KSIAQAArpVcpRQExsDXU7S8ZuZniT3fy4E+5OCmhWAWbglHLPLPp/Az3ee7PvT40tTyANHvtMlVP3xhS+A9/pDdH+kVjhLvvFZ3/6teoBTbLQhH1IoGGPqRPIZJRNXVvwZ6bPeA8D+bW/t9KEnoRcW0TPYNru9i9TW5Lw5qnVO2/zvc9Q5PqvGjUyZapA5ldqlhubSiuNqSy0++gESJQH5h5uHLEI2uI+WVhTR56OPw/ZjEikUPL0j3Xl+1XeDxZzeUezKIMM+b7yKcI0sKEyw8Qn1+u1AogaGhM1i8~4536115~3360048; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487060&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487060&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487060&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=6%2fNyvP14MVleIXrHVoQ57Ldhcwk7Jgt8CAWYtIF83VroA%2fvMGOOtAKspANoqI1UZ; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471cf_VM-ARN-01cnE31_22189-17693
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487069&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487069&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487069&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=luOYlGBCdq6Cfymf%2fFxNllPuQfT6KBTB0cx2j3+k0NubarHxmDi66p823BSTBIeK; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22227-19118
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487080&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487080&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487080&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=RKG8XHJgynOrVMFrakBjfAW3nm3q%2fz7g9V5AhqHIBOsuLeotOwnWeShw1oMd49H0; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22106-16084
www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487083&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487083&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6549329d48d6c.wsipv6.com%2F&cb=1686401487083&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:51:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=E1VnaZe4HbbBJDi6Zbv5yJPh0Bn6p%2fn5aiAwvu7d5rgVM2LnngKxBimCryO4wjjS; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22147-24895
www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 971 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash ceccf65202055aa7afbbed5ecaccb10d
218f9bf69d88b67af6caa90efa8352691b7a6111
2a615287777e68d66dc09ab5f16a4fb2b820f3e526b51abec7724716794bf0cc
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 971
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-5ac03a2a-05f3-4e4b-8b9e-d9acce1fc589' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:124; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:617bcbd1-79d2-476c-a855-c2f3aa401a15; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:617bcbd1-79d2-476c-a855-c2f3aa401a15|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:68; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=2F1D216610E3A88F55CA839642473211; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230610055128729253333; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:51:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!rS874ROO0jKwAIzz2xKqB3cO2dndHqDq2D65dlgOyOg1sXuKphJvUQFc9/t2NHbunPRUuJQSYMkF9g8=; path=/; Httponly; Secure
DCID=H1kOra8cxocKb3d7LZZ2aklLR0Tz+CgKQ1ZAs0DpHJfoysp5MfUeoGKyig9lKyTL; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
_abck=37022BD877F88C29F284B551E9D57BE5~-1~YAAQVZbvUGBx252IAQAAl5ZcpQpqRfqEQKhCFc9c8mJhGqW006ZPiGVUHe4/xk4tp0Y8We4cX4inMl/twHiffCs8tx3Funbv/ZikFJU507x89/dnvZPdBwCNn+GCRh0tGlE6FaSAqyllKJs4VnrNDKb3Px9L4XIOV2U0j3DhwYrwEyPTFsYXFVB110f484XFJUHI6zFaur1XHN7yqU0Vtfszdo9xRfPcYCeQzxSCA2fdxthBeHL2/6RvrjgjXaTJ+YpDlXjFAOD3ql2oQWjLESjXay8j8shxRP2DpvbBX7/IpcIawZiB9DecnoempYH40BKoDe9ewZr2zd0CVfK0zE+MmB0eANOtGnpz81zMBsYd2jHjUtfdccekwTWgQHV+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Max-Age=31536000; Secure
bm_sz=A73E94940A1E506CB574DC2630651937~YAAQVZbvUGFx252IAQAAl5ZcpRSv1c3A8vDiEWGw7zMs8+7FdUCzD8OFxeshZ6kp9eU4FawonY+BVbeG4uoMXVGLmc8w3EII/N9YyokLCcdndWKHI+rp30Xxq9K9F19kzWSC2X48RlULNGimQxy4hhJZUtjyf+0OoHV3mTDIRaySNkXyeF/ibXdKozJeotMUjN7zAvVadB41IinRpCbKg0fbJSMaPZKlw3bPXSTGN3oMi0It5fE7tHYZz2TWGUEuWJ7y5JcUk3zfw0fdpG+a1+itEbSboU8WYcStf8PQuqq5n4W5ZLDc~3753269~3163462; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22143-14649
www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2438), with no line terminators
Hash c85884072dc5fdde7868816cc5a88488
80881911ae295e59eb14e302496e00461f05bc47
f38ad252ebe28f8da2be7cf2dbb15f7e1dc80dfe407bec1ddf3c2655ceeab829
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-2bb863dc-5368-481d-90d0-26e89b98382e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:124; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a44f4ccc-8840-49e0-ab05-9e9f6f1d9088; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a44f4ccc-8840-49e0-ab05-9e9f6f1d9088|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:26; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=F313350B8CAA21F054CFFC8B3E82D1B9; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230610055128514905583; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:51:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!kUNH5VGvAc7P2nsGl7IZxfIs0wroUXmOhkV5O/wjb7/DRNopAONKMYjam+ypVooYCQPDpOVAW/t5pI8=; path=/; Httponly; Secure
DCID=CwIMxcct5AEGHCTjSJcGv13ITp7PZsxwhsQVwiubJ2w%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
_abck=9759E75615AA2FF8470139EB51C52006~-1~YAAQVZbvUGNx252IAQAAqJZcpQqQNRQnj3rI3XWyR6BCdm2t2lhP/FoZc8Y2tRnkVHbQCDKmBx4S69vWCnvBXsuF2U9tjGkzEcXBFkwqnpnxrF2x52HOK29JFgf1eNJ+jRo69cThcd9YqnXT4brRC4HuXPTXIKiMcrvOsqk87EDo6fP8B/Yt1c1QObyyZuvcU0T6tGvZNSO5m1fruEJK00AwE+4YXg2MBftNH9e1dwfz/5hVrqMZJmEpXMeIhbzIYbeFJfWZfjj+TCc/FfGCNKr+YJsP8F5cgPYT8X+/nAn6eF7Ifu8nUnNGUxBzWHbAeiANo7U0ntFQqjpeXj/dc8FdpNbUHG+JlSAUek/k7DsWhdxGgCzBJKXoswWPDmWE~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Max-Age=31536000; Secure
bm_sz=918161EC8488DA7D678B00338E0AFC0A~YAAQVZbvUGRx252IAQAAqJZcpRSTQYwjfnJPhuV4h4HYNhaEPqAUYKjZ7TfdFFlrti1qiCg6cIbFiYpIRmAXvhSkRu5MmY+S+tkBikVR0YVXxBGWXcXMZXtusnr3qR6ikK+jPMocqQ5PozcqCQGFM2fFNkQEi3E4t2cj3sPRz+ZHGuaKjkdnILuAva1pXsPBD1mhMHgrQc6shaT1gqWGqjytlL4RopgTnbbzj/CoIo0/hNyYXJ8y4BuMeSQ1IYluD5lLCfy6IJhwkTcDlolgXEdKrjUVq7wQs2ZbI8weYiwanxPTU57q~3753269~3163462; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22227-19169
www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 967 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2437), with no line terminators
Hash 1ad6db4a52a0c0c14ea0163e39270b83
75de636c5b3227816661758cf0c635b56e3f82c2
76784dec428f6e84ba383808b46a51a751fc60a6412b5eff63fe63e5d07ab75b
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-9b0cb3f0-9703-49d5-ae01-2907f3754f6e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:124; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a1353074-23f9-4080-9ad5-529745f8884d; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a1353074-23f9-4080-9ad5-529745f8884d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:21; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=2C802B17CC72F3A9F000A11F0012C446; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230610055128917658137; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:51:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!MT5RRqcZH/ioXFwGl7IZxfIs0wroUd1C/IYpCKWLXJe29qUGrPOxEwCm6jyb1WxBz23DX8UmzSmLYW4=; path=/; Httponly; Secure
DCID=cu5zbvcK8R4t3JHN6ioyC21cMrZRbfBVhalIqZAg9sk%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
_abck=3044E79DB67E499ECF461D5D120A93F6~-1~YAAQTpbvUD5iTpqIAQAA2ZZcpQrsORp4sr4yc4A7iS7rGSUiYEcTZW/pyx86Cae9tkw0P45ucZmrQe//LIhg9PmLhMDMk1MxkOtTNR6ZhlIjfceg0WqMq6RH4Fsk524GImObQY9FIPoXjTcUa1qDzGOAQ9RtGwZpqVqR/eOFDXz6L5Fj1+Y/f2KywpmavlC07DykExj8RN9mmX8XmDFMwK+1DSqaj/rGbk0mNG7mHvlDDZgkW+AtopKhkvdOPMoHvUtZ8ufzMWssmi+8GKiwu7oH8dX2pXrLESlUtvpqPoLcBXjSlY3Q0lL6X9Y8DnIAgJIZeNducL+jTsS8fGU5R2jXtITcqT+3fZF7KUtbFE1JCRZtsXrLcO7EzvHlJBED~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Max-Age=31536000; Secure
bm_sz=3E0F6209F82A13E66B49D8A9B8F0CB10~YAAQTpbvUD9iTpqIAQAA2ZZcpRRd12CIq5KbBhjqRdZJKfZ0DewqCGe5/5HtKkrTq6E+pz+KITzVV+zUkqGcrRAHWg7/E5/9PpOtmeYEwk5vPKeNaUkMX4JwcdrC3MFH6ssMEBA0V0tD+uMgQdlvrfZcztaOeBwitaTrSlJFR9B2fYujL1A9bfPEGtuTd83KwwwKAhELCphuObWPNVfpPxgurNGUnV91btcF/t+sOA4CT23yD879wA6LK+nKBlGZUKxXepUm/pPz6EgFtXUvp7WXYp0fd3DaO2RMJU5ntrzSC3xIpS4C~3753269~3163462; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22189-17709
www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 967 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2434), with no line terminators
Hash 2c3401c2b2af8fdf81658e8a30ef3ae9
cc8fd086336dc10a9f0a5265ce2059db7f336f54
c4aba74cf2428bc3117d809152861db1a0c0ddd381cf7d0695ec9e9cde612ec0
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:124; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-0aa3c789-0882-4519-9101-8295a3a3a5e3' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:a8a6d43b-f114-4886-a7aa-30bffa100cca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:124; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a880876d-aa83-4479-ab85-33e073e52395; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a880876d-aa83-4479-ab85-33e073e52395|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:23; Expires=Sat, 10 Jun 2023 12:51:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=CFF1395BAC54EA68003C3500612C90A8; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230610055128199717671; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:51:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!8BZAU4X4iBFYGpwGl7IZxfIs0wroUVDDwhrqdfQj/9YVwGe8V3eFZJi+WowhOQVFq4VnHtJkGhJg+dw=; path=/; Httponly; Secure
DCID=J5sC5Cm8zzdO0S+lzODgfGFfMMn1xh%2fA0pU1GBBlQQk%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:28 GMT;Httponly; Secure
_abck=1BC0B5DECE9AF2CAE2C7A6DA3034BDCC~-1~YAAQVZbvUGpx252IAQAA9JZcpQo5Ls3CG9cnIyvD9R7nvp1ePO7E/W7UbE7fP+PSer2fsb0bLGe7S0WLzFnH+aKYNTE3SIQv3Dfzulr7BfFW4ox+E4twjYeX0fJC0R9xpUn1HZ6xbVHVwvb7DIKgHNVDd30ccfpAZ5mHufu1XDavPZwXcFML0FU3um7hOzMGrewRD/hDMQmTvaNLXHEVLxVa2LoSQMv8z98u0EtqoAqTxymzw7+38ZErT1MsfMLI/J4RVR4fyHTDOdSECKjq2NioPHhkhwvXWxDD9R0cjyvD2ouMwW4R8+RP34jAO2qKAYSYH/KM6m2JcMwR3I2QqqKjSO6+dtSngKQl3hvxTq5SbFOyjIu7rV6OvCV1+ZBc~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:28 GMT; Max-Age=31536000; Secure
bm_sz=720B9485987785F020867262B559FF17~YAAQVZbvUGtx252IAQAA9JZcpRQiSlXko5Zqh57OtWAeALXaxzKWhZwjoUZ1EQCm+ljjrbLhIEKeEyM5t/CMqcBYf1K6TiBNYYhXjn0VDmVqVVwPDPq8XVHeREM9DClAOvvSkfNNl7e+Iod6ClNKMPuxp4B7ptKhcmwg0jbtOPaSPwTxX4ck+yt4yab2mctkmozeyAk/jTRQzdF8XnMp0LYu14nhk7ZehL/iefOMk7DT4qR+QkqDMxGl8gUW+aq6todSBNBBo1Epm7QF8iRdMyfN0aUeJPANAelfIvS191Oc27MQR//Z~3753269~3163462; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d0_VM-ARN-01cnE31_22227-19170
www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.134.56200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d942dc1735faeb82c48d742d427b6ed8
e8b26fb1b06b9d1138029da3167b6c08981364a6
ab15dc13e542e64e974624a254448e60246b324c6a290fb740b50e552ef3ef54
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2046
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0; _gcl_au=1.1.865522759.1686401487; _ga=GA1.2.1318281038.1686401487; _gid=GA1.2.1084716341.1686401487; _gat_gtag_UA_107148943_1=1; ISD_WCM_COOKIE=!8BZAU4X4iBFYGpwGl7IZxfIs0wroUVDDwhrqdfQj/9YVwGe8V3eFZJi+WowhOQVFq4VnHtJkGhJg+dw=; ndsid=ndsaeev92f09kailipzwk0l; ADRUM_BTa=R:27|g:a880876d-aa83-4479-ab85-33e073e52395|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:23
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=KZhcVgDQ1j0kUOrWy3pbccL7ngjZoPCIkx8VbufBDuI%2fwyu3K3HuOkgYsBO8JS+x; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:29 GMT;Httponly; Secure
_abck=A017C2B2084FF283B8039239CA0E1CD9~-1~YAAQVZbvUIpx252IAQAAc5pcpQoxKrPZDABJ8mvJuKLp/RZQRXHu0Tmeo1EcI1YZWopBU2efUNM1tuLVZh1m/+nX6qMrmFCk5u8+/227tOuSFZzN27tVoofWK7wNobjFtIwyTOpPunNkb+5zA1TsNdUzAhFnYKGgD/+GB10AgHMpnat7MnWm6jCCDm2H0l0gCDPN2nIxJMJdjtXP9d9LrbuKLXpUQtLabyGhVU4dYiJ4+Y7GgCkhU3lpY8ynKaz4b7iPWsMHv3S9m+hNh1mrFxGFPYBrYNg5RTK3LNYpVKiLqS7aPTyCxfW1yMPFgweTs4egtlAgRr9+b1l+mGVSCcZg/RnjtNWJ773lvtCWvCRpnepZa9cafpiYLlQTHiw/~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:29 GMT; Max-Age=31536000; Secure
bm_sz=C3A9806C5A9FAF069ACCE7A96A8C4C65~YAAQVZbvUItx252IAQAAc5pcpRSVuvQqvCSpTbfJnEqa9TUVZpgilODYx5hkJua3GgoaF8nfIViuwCsgaR3Z2CZWJu3bOZOMI7/D79emme7nmR9IOc6tNByKR7PDtFLgJ1e4AmaX9t+uYfF4ZTTRtg9APkqz+BXrimvklxgY8z4jEJuNqzEB2VXyHwiJyH/RX4Zd3dHpnn/rd1iCPoSFaEwUxLecr78gpfxfb9WR7wMBlybd3ZhwC6Vsrf5OKH6nlYlBSFEnHLHGo6Nam9bMAJc+jE+LZPNQkyQSxqOkoDZE8dShO0e9~4473145~4403521; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:29 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d1_VM-ARN-01cnE31_22147-24901
www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.134.56200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 4228af8c2ec20ad47254fcac48312588
27aa0aabf43e4cd3095e506973feed891fbe1905
82435a9458528c634df957a077189bf829b39302934e3bfe269dcda7e267a5c4
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AdFxhGQAAAAAujDb2bCt7kW1q3KGsIl1%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0; _gcl_au=1.1.865522759.1686401487; _ga=GA1.2.1318281038.1686401487; _gid=GA1.2.1084716341.1686401487; _gat_gtag_UA_107148943_1=1; ISD_WCM_COOKIE=!8BZAU4X4iBFYGpwGl7IZxfIs0wroUVDDwhrqdfQj/9YVwGe8V3eFZJi+WowhOQVFq4VnHtJkGhJg+dw=; ndsid=ndsaeev92f09kailipzwk0l; ADRUM_BTa=R:27|g:a880876d-aa83-4479-ab85-33e073e52395|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:23; _imp_di_pc_=AdFxhGQAAAAAujDb2bCt7kW1q3KGsIl1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:30 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=W4u6ZxOg2BKDPRADjNxzuhcpt%2fl%2fz6dq4yJkphwlAr4cfjByKFTnahZvF+VrZluO; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:29 GMT;Httponly; Secure
_abck=EE0C756FA0694FC40BB9E7A5508D30CC~-1~YAAQTpbvUEBiTpqIAQAALp1cpQoMYq0SlmfKw9pJ+cKP7xqm8W2Zu0iFr8cTqcHRbhV0TXZRr9irBPg7bPKCr19M3zqI2yxHZYJYHIeGeFDbdczbjcpSCtzIqf5sUXvz9NCwyW4o7vPyMZI8go4412WoY4iOhMDVTKJH70md4pMWf6eU62AxcSHk7fjv4bdPY00gFni5dSdP3QFstA4mA8XKupmZ9EhwQdY0abpYIMctsslq268iHb6jp6cANLXsXnej33koTJk3BxBzC82zFP5qnLRpRtnPQ+Em2BzAGvntgduvejG77yJV9HD08gxNHWQ6Erydf9JEa8opgCBvluvjZ7C4NivWWvfHBc+UO1wz6Gibt4OFBjotnpOr+5bj~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:30 GMT; Max-Age=31536000; Secure
bm_sz=4C0FE52DC680B561AF9A529F1FE4C1F5~YAAQTpbvUEFiTpqIAQAALp1cpRSaUfCoNQ19nFDoJ4YXgGhx4mzrb94n9Y8kKWJs5XRoDn31A9r+eaUOi4A+5XMZaK2+c/TA7+U7sBCBcTpiSydwf3Jk/kf5pJNJsG9nS1y0M+1cZiCVe8pVdBWW2t1Epc/D4PCX3Rv81QLIAeiufJbrmsT8JUI1u2NRr7uBp0NowRoblfAEip1oX9XthpBjtu7yYz6+tnqOl60f01nEd6ryuYlLgvSf30Tz+L66WOrlZhvI0QETttzoOJPRxOl5/ZsYsBnVBatBbaSzW8i4yM1aH1Rw~4473145~4403521; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:29 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d1_VM-ARN-01cnE31_22147-24903
www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.134.56200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--6549329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--6549329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!ysXwk1kh6fvf/EBnfhFjdbQk89YdzlL+GkwrnXUwIvA7IhggHK92g/G7ON1B97xuMCWV1HdTLMogs1E=; utag_main=v_id:0188a55c8a1b0016b369f9d480b705046003700900918$_sn:1$_se:2$_ss:0$_st:1686403286987$ses_id:1686401485340%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQIbRblWqCzF8CmqhyqRzcQIFLPL8yGZ%2BlAqyhyloLI%3D%22%2C%22_s%22%3A%22RhtKe4t7zyrPL0fh6REHmX7%2B%22%2C%22c%22%3A%22MDFlb0JUYTZXekw4VlhaVQ%3D%3D-f9VCsWjnVyB2cNmFlrSAhcMcd52hXihrg5K_ppfDASR4R5unHz9BtghgGnjyvL8MVUJgY9ZBDSNseKxlIyDsTluNPGR629At9s%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AdFxhGQAAAAAujDb2bCt7kW1q3KGsIl1%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22DSep3jah9AGb4eiTNz1u2A%3D%3DTt6raVNO_wnBtnd5NpKu48ym0l_xG3uVIrZo4vJ6YYA8WqZ67NkSwO3aXmzeopr36XrVasZu55G3EcY2AHWUBpYZbWaN1sf4QljDEDrcz1GFdY2G_VJmPtacc3-g0TpUBfdCWBosxzWEKKELCw29I3M1xstQvSP_F0CtZLmbw9C8Rq8eyZB70hVz%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAfac7Rmp3XwG%2BkA%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C28124009361147462383432960847108043844%7CMCOPTOUT-1686408686s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0; _gcl_au=1.1.865522759.1686401487; _ga=GA1.2.1318281038.1686401487; _gid=GA1.2.1084716341.1686401487; _gat_gtag_UA_107148943_1=1; ISD_WCM_COOKIE=!8BZAU4X4iBFYGpwGl7IZxfIs0wroUVDDwhrqdfQj/9YVwGe8V3eFZJi+WowhOQVFq4VnHtJkGhJg+dw=; ndsid=ndsaeev92f09kailipzwk0l; ADRUM_BTa=R:27|g:a880876d-aa83-4479-ab85-33e073e52395|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:23; _imp_di_pc_=AdFxhGQAAAAAujDb2bCt7kW1q3KGsIl1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:51:37 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=i7L5j7tfHltHjPh4sGB6eH2341JkYnKdAgbSe2BMQkE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:36 GMT;Httponly; Secure
_abck=5BC337124D190843C5D498DE5B5ADA20~-1~YAAQTpbvUEtiTpqIAQAAzrdcpQrdQ8L9NeKZTZKbqkuYGqgkD4zHZO6BNkerV5UeURlZUuq3bSGfyhy3227xBg2Hw2yv0b1f2UkX//xeKo3tTLNd5T4qxLcw4efChkwrBjZ8ggpIknpJOrbro4VWznFYweeFD2WI7d9JBjbfP9t8xfBYir4O4sDylmDv9t8sIr5zKontBxEWDPxQbUWMu8q92lbYlVkKVAfCfWhdErAUDI/2r//rrOxp/jieyGcwuFlgKTUDyg5YCOg3D3wr+cDa3rMCziduRrtiFrG3rpg+1ElQGb4t5GtF+IvUqgp0i2PO+dtNkC47NVCj7Sd2Ez1Ejws4Z0Hf3HZmy/ikGwlj9iiOZdYFl+eKL3PpPxqH~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:51:37 GMT; Max-Age=31536000; Secure
bm_sz=B82F31AA82798A3CEA911FA8E31C355D~YAAQTpbvUExiTpqIAQAAzrdcpRTvFuA+GHIQYbxPwvyGt4GtpAzANfqyMIoz3pPSDj5UXjX0JUtc/W0mqbkKLsFB2eQ/Rt4YnuJRoq5Vk1Gf+II6sB31cxlC3juCcWW9ajmRWODqEKik7yQ2izAT3RvCM9Ve/df0FulTNVE3YiBA1HckdcpZ+3g5KEZLxt3Dh+LPtasdaDv+y4K+AViEzAvQ2IYir63Ay2Mdxg0q8zlunn5OLoW2i32JIMZsWlvqPBEq4K7huqI/0p4H53YtFVN6GrJOOK7kN+1xG0dxHXQvYOy+JNAD~4338757~4600390; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:51:36 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 648471d8_VM-ARN-01cnE31_22147-24961
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
34.208.171.87200 OK 190 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 34.208.171.87:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d3a28d2676f83cf0f8e2f3fbc19ffd5
311c7edfdcdab64ba9ced143d23630f23d81f3ad
14b65348edf92be2db88826968410a6c6e98c7c79dc6c4a27ad3ebd9c7c94dcc
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:51:29 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.33 164 B URL rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.33:0
ASN #20940 Akamai International B.V.
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 6a2334cffcc3dc53aba776e9c15d0fce
95aebb24f9689cfd601fa49f13809244cc7fc16e
5fd407f6e74d09529d83f644f025acbb4c6d9a8813dbb8f3bb9a277c81943192
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50923
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:51:38 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!b3Qf1Mpx2CExHj7pnNE5eVRfS7HzYyfTbtTAiR0ZYzLWrVvTT8CPvW9WAP/qrz1WC6vLzYwFmC/24Q==; path=/; Httponly; Secure
DCID=Prwj37s2PTXZXGQJc9utibjnLjxwXrP0V6IL3YrwSaBefIQstTq+yZWf61LPT1FF; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
34.208.171.87200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 34.208.171.87:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 1535
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:51:34 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:58a736c1-067f-4d0a-ae4f-cee37b87df71; Path=/; Expires=Sat, 10-Jun-2023 12:52:04 GMT; Max-Age=30
ADRUM_BTa=R:55|g:58a736c1-067f-4d0a-ae4f-cee37b87df71|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 10-Jun-2023 12:52:04 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 10-Jun-2023 12:52:04 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 10-Jun-2023 12:52:04 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:1; Path=/; Expires=Sat, 10-Jun-2023 12:52:04 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
34.208.171.87200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 34.208.171.87:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11679
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:51:29 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:0341d951-401c-416e-97bb-0812045f7ef5; Path=/; Expires=Sat, 10-Jun-2023 12:51:59 GMT; Max-Age=30
ADRUM_BTa=R:55|g:0341d951-401c-416e-97bb-0812045f7ef5|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 10-Jun-2023 12:51:59 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 10-Jun-2023 12:51:59 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 10-Jun-2023 12:51:59 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:1; Path=/; Expires=Sat, 10-Jun-2023 12:51:59 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=2&cfg=32a3f9ce&pv=2&aid=
23.36.79.33200 OK 191 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=2&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.33:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 530ae8eb5db0dd4f7d7eff5139856007
bdde35394f652314fb381926a18a943659ce9e41
d7318ccf9091441dd08bc9c70fce8b7a50595fc37ba47d331fa86132d486ab04
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0&_cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3&pid=7ad46878-c1ea-43e7-a496-7c1613efd2df&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34435
Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=31f06ce2-14e7-40e5-b8e7-16054ac55c2b:0; _cls_v=84cfae5e-c534-49d6-bd1d-60d9e45b30c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:51:38 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!3tAsSoBxHt9Ix6rpnNE5eVRfS7HzY5vdulJokeMZSk+AKQztjEXFUYfA/tGRBgBe6BDhSO9N1P8YKA==; path=/; Httponly; Secure
DCID=3Sn3kUjPatoivqbdE6XJODJql3GQzqzoBNXB4MAfLkZBidDPR8am1ZRX9YBv9wNc; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:06:37 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
34.208.171.87200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 34.208.171.87:443
Requested by https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6549329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:51:28 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2