www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
163.171.134.56200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash e4ac686c6a7a57f4a88cba96814749ac
3d1d4c023fda8a31d1f5805a59196f20f2b78613
273e339d5ce21c18019e495c035c0f3d681cb4de95223063421de0a3d230bdae
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:35 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 19049
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://*.mworld.com https://*.postrelease.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-376c085a-008c-40c9-8e0e-70b1a423f887' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18985 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8; Expires=Sat, 05 Aug 2023 22:15:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05 Aug 2023 22:15:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05 Aug 2023 22:15:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sat, 05 Aug 2023 22:15:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:69; Expires=Sat, 05 Aug 2023 22:15:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202308051514341513588440; domain=.wellsfargo.com; path=/; expires=2 Aug 2033 22:14:34 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; path=/; Httponly; Secure
DCID=wPwIsvkpiP+2vdEB+MC2V4lGxMhBEOXciz3DjfonbBU%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:34 GMT;Httponly; Secure
_abck=FC0734A99D4E80163ED52F1C56D878F6~-1~YAAQvWpkX5hZIL2JAQAAXkLExwpdmETMUtfPLQzcZpMpWevFX2IgeAqOiYqszrYWz0Nnf5Xcf8zindjgQRxSWCvokT/h511vfIWdMYxN3yxi3GnE5xL/+bS4F1646n+aSjKP0KmHbWdwhEh+ZFkpri2NN6/k66hzGn7YuN1dpQ47Le3WqqJvCDUCNJZsqbtfoZNJMxF8GSf4mDP5ZBktrDRCYfSedvXmPsZvqynuKTOQ554MtRovphJ4C3PjO2Z1TE+EitR3zDP0kRBckLrP5ltMbhx27sPa3hUbtYYkXxDMSzs04ecZtwNjKFdMvhmak9Kzyb01rgAI/vXd5iU2CN9odH+4BZ9MaAxCkLKvbfWQ5JY5xmomRBro4/yNQpLR~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:35 GMT; Max-Age=31536000; Secure
bm_sz=EF9D3CC17D8DC3E3D0F4A3D80785798C~YAAQvWpkX5lZIL2JAQAAXkLExxS25XVcyknRWCSvhsJgw1k/uiidcmi1J00q2/YMdjMv8yOQ0HgQOvswzQ+NWwYRm008eJVrBG8H4H4YGbq8Z6O7/9lFJqVMTrDgUkW2OGK404p0+NvCjFisj2H6s/nNWeRsHPA4wrXGNOlguFwAL4Fg0pp+VjsYQoycb3mqc6CBao67QGoVRFAYsgYBC/2oxWfFu1GcEsmEC7si5bzV+2ij3z0vhty2gb0V6YQsk8ts7/ZbRRxlw9n8G+pUH7xU8YGNcC7qxSJjYqILBp57vHkOmUND~3552321~3487283; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:34 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ca_VM-ARN-01XDr43_24774-13676
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=270875
expires: Wed, 09 Aug 2023 01:29:10 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=270926
expires: Wed, 09 Aug 2023 01:30:01 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=267042
expires: Wed, 09 Aug 2023 00:25:17 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 05 Aug 2023 22:14:35 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=65IfHD0u25lm2mUXTYCp8A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
163.171.134.56201 Created 74 kB URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 48142dedc74cb9e4f20d364073815994
eaa5c96f8f44fae35616dc6af03c98121d2d3fcd
814d02d8c99bd2f6fa5aa759a9e367b12c50e4201d1c5a8dbb793da6f30c3ac5
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:35 GMT
Content-Type: application/javascript
Content-Length: 74070
Connection: keep-alive
Stored-Attribute-Sha-Checksum: 814d02d8c99bd2f6fa5aa759a9e367b12c50e4201d1c5a8dbb793da6f30c3ac5
Last-Modified: Tue, 27 Jun 2023 17:14:29 GMT
ETag: "dbf881c7602f8671d977bb348201c8e830df8ab5fdd7795850bd762a38857ef8"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+6DHE3ZwKfLkCqQOrguzJQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=1D1315AA6CD681A6B9F74E16F11821A4~-1~YAAQvWpkX51ZIL2JAQAAW0PExwparvNo4FJW6gcGyEtkc+kacrDv9BZEpy/ykHCFqMYRhEv1tL4tpdBVfjJaCIr1+a7ER0biQW9tQpMwEAk4zEEv/05gXXUAtT8g1ImbrbWujdlspGwkfBqWZNRPIJsPYEolOVMJ5VLnmZPk/gymil/hLh3v97spYzbdI/FMsf15lPFDEF4w+512ttpqCQ40ijmX5WSERUPzh1MCprrDNNSsHjdHmIHLAy6pjmntrboIUoN5pg/rLfx4U3UApuSVwZF+/VvEk7d7hjtrulWVEZETkz4wrFiG7aNlr1sA3jdTVJ5HxBgNoNjceToGaD7D8T92190yOf0Y9ET/5XUFTGodlYvHMZRUaDP1eGMx~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:35 GMT; Max-Age=31536000; Secure
bm_sz=B259F6E408672AE09EADAA7BE8B6C293~YAAQvWpkX55ZIL2JAQAAW0PExxSCHpBItBfVUZ9U/d2YJXg3D43wVQxHyx8ISsoW1w4AWTxrZ1gcmOobcoeVHeFDxa9bHZKWfXhYNlOy4WD64V3CB+6WxgiPMCvtd7gOtC2BoZikKJfklO3ea/jniM9EPWk3PQKMMyiAUU75HZ5Oe2NVBRbh3y1dDgHxzgzXQ/Qpj8VrPUApiOxuNSW0G41mlB21X6eGdtSoCG8nc7SPEHomNt99ErwV5MFd1PWjAXGPQt753M8H2RPNkL5kmZFtNZTYkVB1jK3gEvWyonDzjzPVWJbT~3421250~3356728; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:35 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24855-55432
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.041c8faa44edf732dd5f.js
163.171.134.56200 OK 17 kB URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.041c8faa44edf732dd5f.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (40828), with NEL line terminators
Hash 7558dd36a5a3d8d44bb1a04601ae6560
c703af3f738020a778d4c67bde5181147e8d2b10
1975e599ce211ec13716b9ba70636a011421d0aa38052be6a00302f6b9e15586
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.041c8faa44edf732dd5f.js HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:35 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 17289
Connection: keep-alive
Expires: Sat, 05 Aug 2023 22:44:35 GMT
Last-Modified: Thu, 15 Jun 2023 14:52:58 GMT
ETag: W/"648b25ca-cc01"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-FRA-01Pl0187:1 (Cdn Cache Server V2.0), 1.1 VM-ARN-01XDr43:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24756-17467
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.f0a4069fdc0c14e21993.js
163.171.134.56200 OK 53 kB URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.f0a4069fdc0c14e21993.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65439)
Hash f2ae2cf4b00792fee38e84e6509f2c9c
ae395db86d01bcef9ac60e4ea5a2052cea2c02a2
1688b00b03e64170c61df02ad73c82a064176cd24d13459323fef810f1d9d2f7
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.f0a4069fdc0c14e21993.js HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:35 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 52760
Connection: keep-alive
Expires: Sat, 05 Aug 2023 22:44:35 GMT
Last-Modified: Thu, 15 Jun 2023 14:52:58 GMT
ETag: W/"648b25ca-2a7da"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-FRA-01Pl0187:1 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24781-49825
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.b96c0ba7c6b812a5f95f.css
163.171.134.56200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.b96c0ba7c6b812a5f95f.css
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8883c399a7c9534762502912a3eb9adb
b93c27c4041cda428a4cf494f13fb4b423fa1a15
97caf056980a6ba130a246874637fd83818d7301248a3444e59ca5d3fa32bae3
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.b96c0ba7c6b812a5f95f.css HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:35 GMT
Content-Type: text/css
Content-Length: 23822
Connection: keep-alive
Expires: Sat, 05 Aug 2023 22:44:35 GMT
Last-Modified: Thu, 15 Jun 2023 14:52:58 GMT
ETag: W/"648b25ca-2aa1f"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-FRA-01Pl0187:1 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24774-13683
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sat, 05 Aug 2023 22:14:35 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Nhc%2fQH5j+0Bo2U53zCysjw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.134.56200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash b730c1820cfee9b5c161b53dee394393
673b9bcc89a132a735a14fee3434f3393019c226
8906ff3eca8f4988b9323a08c52e97e87189423b74d4b89d07b8a84e3adb08b7
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:35 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4281
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 05 Aug 2023 22:14:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A4FDxMeJAQAARc6Z0oMKcCORs5LAkox3pksahm-eC0mr7jsVXIs1k1Jv6o2DAaOrhiucuNk0wH8AADQwAAAAAA|1|0|8ba08df5a285334152991c4d8cece6450dad6728; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=hrfUBRA0o9Avlyf+xsC9fO2QT%2fZTx9ddo9Vvx8Dtf%2f4hhr29rNOc4VMKhCQVHpXC; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:35 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24774-13681
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=10213852
expires: Sat, 02 Dec 2023 03:25:27 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=10217734
expires: Sat, 02 Dec 2023 04:30:09 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=10110022
expires: Thu, 30 Nov 2023 22:34:57 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=10218616
expires: Sat, 02 Dec 2023 04:44:51 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=10110026
expires: Thu, 30 Nov 2023 22:35:01 GMT
date: Sat, 05 Aug 2023 22:14:35 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2632
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 05 Aug 2023 22:14:36 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=c2n+yzoiNDGYf6mKelFzKw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=c2n+yzoiNDGYf6mKelFzKw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=2130BA5DFB58ABD61B30A8CCA7C571DF~-1~YAAQvWpkX6FZIL2JAQAAZkXExwqJwGa09DM9I4mq0ab6ZW+cZYgNvHozMnrQPjr0Uy/VArhtC0WfKCzvy5Z7uVXd9119aHmtF3o38GP6BHYLHTzkN00UzVJTQ48bSFWXJFhrAIWNaQ7CVCzqaa2blOxK1lPhS+WC4VWnO8kNEX/dGVyZxjlPBtR8Zct0f18KKPUjXTl7B/o9TOcEq+o5/6d/ForIRIe15rCzkaHof6x365T/iczAlQwN3t3U4W5R74A3XGecBH8cEAZ8Z6/p9tgeXbDxjwULVKFBZovFkQErWOG7DP+kuDthC2kycZdic/XPMW2SgESuEKn8vl3hLvF3LGU/xx1gG4K+mrgPQp3dJCq+g0CAOJ94tgvxf90N~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:36 GMT; Max-Age=31536000; Secure
bm_sz=3DC36772BF1D59AB1F7C28748DF39783~YAAQvWpkX6JZIL2JAQAAZkXExxRE8Lc+gLefbBR/fZYLhFc/GquOcm2R1FbSNEJQx3f9q4HPFsABrf8cJlx0gCaJ6MS7dVaPNnFN8lFOqWaZEwTV+DsW73bHck695CW6lxcYn4y5lWcF3W14QHURIVh8e6epKh+vg+h+JicSwm6HHFrB9pT60Ij0XzgCeIrL3sYutJsXErXzUUcaPbzL5iKRudSppIq/4ZdOuMceW9tlRmlAGKb9eUIQ0uGmZZVQp4VVWZCsOTH7R1KP/1TRRmzq8qrAoJ8aSOkE7CqtRkEbPG/pHQND~3355461~3422263; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:36 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cc_VM-ARN-01XDr43_24774-13688
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.32200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (11638)
Hash d08a65b05061f1255f422b7221f06b1c
78c6dc01eb858c5b652eeb161a398dfef3efad14
28c8b8933a093b6bc2df9d132810b339b54b35c7025452c0982df6d91ad58dc6
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 13 Jul 2023 20:02:10 GMT
Vary: Accept-Encoding
ETag: W/"64b05842-32c18"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; font-src https: data: 'unsafe-inline'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Content-Encoding: gzip
Content-Length: 55332
Date: Sat, 05 Aug 2023 22:14:36 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=TvV2F1m+QSonyrd9R8u0rw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AADntseJAQAA7HaQGVp4VkTyovlKmDnrdGWoDRcvAQ5_78_Zw9Ssp79N9EwF&X-G2Q3kxs3--z=q
163.171.134.56200 OK 151 kB URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AADntseJAQAA7HaQGVp4VkTyovlKmDnrdGWoDRcvAQ5_78_Zw9Ssp79N9EwF&X-G2Q3kxs3--z=q
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150651 bytes)
Hash e1857ce1eaf4411a90b8b2c90ffe9754
fb25bda79da48c2328d3e53b94ab0cebba002038
f97172579a6350f0d5503d4fc6c8778b54791a4f6aab191f1794062d6fd8d134
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AADntseJAQAA7HaQGVp4VkTyovlKmDnrdGWoDRcvAQ5_78_Zw9Ssp79N9EwF&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:36 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 05 Aug 2023 22:14:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A5ZExMeJAQAAY6KSBqnFOkfsOsbcAPEWcCQC_-Qg143OZ4g6IvVj-Q2kBJKHAaOrhiucuNk0wH8AADQwAAAAAA|1|0|c73d5837fd86f66633d80b45168e9a3cc143eff1; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=QcfruyYUDzfXuq5SkJBLlhNbharIZjGJBOr9QLwjYIsF+vDJdY48PcuJrwWntQYF; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:35 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24855-55434
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/target/offers/conversations
163.171.134.56200 OK 2.3 kB URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (11075), with no line terminators
Hash cea62c88db902a00d2f3a6eaacd33d19
605a19115a4898f435fb72452624f06e47b1ba91
f7c4c423ebca30b12f2ca5562e790a5898ba5432a69b5e30b01aa9fbc7f692a8
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:36 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2285
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://*.mworld.com https://*.postrelease.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-a1130bc6-6dd7-4ee3-8ddc-cf0695a1ad0c' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:69; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a; Expires=Sat, 05 Aug 2023 22:15:06 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05 Aug 2023 22:15:06 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05 Aug 2023 22:15:06 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sat, 05 Aug 2023 22:15:06 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:91; Expires=Sat, 05 Aug 2023 22:15:06 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202308051514361963662714; domain=.wellsfargo.com; path=/; expires=2 Aug 2033 22:14:36 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=3A2D663548312E670016232985832D62; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=MTvh0G5PVu%2fwKGG1IOuuq%2fiq7GgnlT08Yo6dwNE1qtc%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:35 GMT;Httponly; Secure
_abck=9B8BFFF030DF93406AC8A629F4CCAE11~-1~YAAQvWpkX6VZIL2JAQAAHUbExwpOT/2/etYEFvEXsenpsDVKNrW1x4vq8Te1CP+y0hx/d/mNI70gpn2Y5b2/vuMDGAchC1CFpYtLaPF6+mZkMWxDG0UNhqzQ2ExJ1GTgEpfKnOQNb6ddYc0vpDM1XJ4YSEe7QrbWHMVHwlzuN1PCCkm28PKWh1IYSiN593MkYKC5Z5oGjbnpM2wGjaXwbQIV5ngqfscs2kbro1POduUsLAS59MxXnytp+9cQukHxaBTjmKqTIsMOzXTJkUsYcHfSZ5u/Hej8HIFeagufyN0A6jtXe8eBrnV6U9OVQ5FuK82XU6fk0Lpp1g1Lt+DdbH9WuVO/W+NKpAlfAUA7j/GYXRIoSQKczay1vwyNMqD3~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:36 GMT; Max-Age=31536000; Secure
bm_sz=2D5A4281AC30E31B1880B9ED5C633128~YAAQvWpkX6ZZIL2JAQAAHUbExxS9tQq5UJjw3FiIhoXv6acRrwmrwbcmNaAhVULYifW5bEAFBtCjCgZ8Kk+pKk0KMPUY75ZZS8+VoQNIjehY6PyREIf5MWY8wQX7JYuNWLliHfaQiFPd10aNpcCe3ImzFAOFN51le/CfgVdRHkDJqtM9t0LPRbNj+CPtu4G0lLNLLNH63I57i+2BUup6rOrPnfpQFuu+oV/AoIKSwKTBHCMBlAJUxCKBYHtwDiGuodQXY5ydFlSUrOEpKriiTO8N8ko6fT3z4u547gAGWTnwvzhRU3lw~3421250~3356728; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:35 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24774-13686
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=271058
expires: Wed, 09 Aug 2023 01:32:14 GMT
date: Sat, 05 Aug 2023 22:14:36 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=20334
expires: Sun, 06 Aug 2023 03:53:30 GMT
date: Sat, 05 Aug 2023 22:14:36 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.134.56200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:f3a3efe4-7947-44aa-a274-80ff960eecc8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:36 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 05 Aug 2023 22:14:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=dYuApNgoAq10E9B5rBzumNHd4FAhXQ7QFLpcuz4vvCU%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:35 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cb_VM-ARN-01XDr43_24781-49826
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2284
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:1$_ss:1$_st:1691275474688$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 05 Aug 2023 22:14:36 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=TG8Re6jecpDk%2fJI00%2foPVA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=TG8Re6jecpDk%2fJI00%2foPVA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=9C978BD96F6D0E428806F8F26FE4DDCB~-1~YAAQvWpkX6pZIL2JAQAA10fExwo4G9gPDK0+SXOaeAQl7Bwl5qsvsmRfkva5kxZDXlVN5CDmij6lkTZYhZBfCP8msKHHfnveucJZC4B3lTMzFKCFEmB862Pv7b4d93F7mizxiBiDK1FpXOO4Dtelp84TRxwe/zTGINTQIOsrNG0OuEYsCIXG+g+93AZAUyyD19lIyGdlgAFAUa8cj4rA4miev1I9a587d9LGNOL3S9a+2AE/1RmOS6owJxhG5qBH/Y8wmsf1oRbbvraFTZorqkPDWiQ82ZdzHHog2JFwvyWpzZYqoL7pIDkZBn9JqTnzopFjhqKOd6AEYHPKcQZxNsX/Z9QdKyuTjDIEWf9ek5MWvBcZ1YxxZsyNncFPa9Vq~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:36 GMT; Max-Age=31536000; Secure
bm_sz=3E899EF034B436730B0C871E0256302E~YAAQvWpkX6tZIL2JAQAA10fExxTZ3DQFb0f33u3I1ysya6tYrEQtSEyvgVZMUFq7RW4Xi16TtQnwLfUEEQvQg16H/xFUF9mxrLI/Lt4ZpEi6cDxirOfjC8H5Stzw/fn3VIlYEuNTdaCZKRaoLbaktqv3fi4xwEMTBdOtFcblB+2Bplp4uTzXthLQgFy2mo4nz1v+NdyJPcfG3Vm3T+LqBM86G4iW37+e/By8Ottk5vQJPk49elsu0R/8y/UwIJBHwaV/tMBSRZR5gDaZQwJxGOZY2yqcCwQewwGDdhO8SjlC9ieoNeGP~3355461~3422263; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:36 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cc_VM-ARN-01XDr43_24781-49830
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
104.110.27.78200 OK 1.6 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash f4ea54d2de3587734104a7fe6ac34593
abb69048123b667ad90dcba04da4f08a4a4aeeb7
e802f40411f32bc8331100de87c647c70071bbd2e29a44befcd52e48c6020205
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63f63d12-aabe"
last-modified: Thu, 20 Apr 2023 01:43:32 GMT
server: Akamai Image Manager
content-length: 1646
content-type: image/avif
cache-control: private, no-transform, max-age=271743
expires: Wed, 09 Aug 2023 01:43:40 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
104.110.27.78200 OK 13 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7d601c2b059838fc333feb0e3e020fe1
f57bc430ce2a2b0c146e8d573569367c6bf75bc3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c53-e73f"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 13330
content-type: image/avif
cache-control: private, no-transform, max-age=270772
expires: Wed, 09 Aug 2023 01:27:29 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=2381047
expires: Sat, 02 Sep 2023 11:38:44 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
104.110.27.78200 OK 44 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 9534a04615e76afcd0a4dda5cdf8dd7e
516d3a11907386abf70170a54409523592c068aa
d7579baa6c30dad3cc501d73364183349ac085fcfea7c2af16aaa11532bc5907
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505837-def7"
last-modified: Thu, 20 Apr 2023 01:40:39 GMT
server: Akamai Image Manager
content-length: 43802
content-type: image/avif
cache-control: private, no-transform, max-age=270751
expires: Wed, 09 Aug 2023 01:27:08 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
104.110.27.78200 OK 16 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 093dc61fd7b0036526bf39ae69597887
a27c677f83b0554434422c99b5519ace95ddb23a
f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4a-ce5a"
last-modified: Thu, 20 Apr 2023 01:31:11 GMT
server: Akamai Image Manager
content-length: 15941
content-type: image/avif
cache-control: private, no-transform, max-age=2465402
expires: Sun, 03 Sep 2023 11:04:39 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=270927
expires: Wed, 09 Aug 2023 01:30:04 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/autograph_20k_hplp_1600x700.jpg
104.110.27.78200 OK 6.8 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/autograph_20k_hplp_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash ff9a335cbdabb82c5c45e599aaede02f
d9d9caa1e81ca61408e4804a48ac1c37f23a6c18
f3327507c7327c8a0b7e2777392cb742d54561b12e8850da60e75bee26c2292d
GET /assets/images/contextual/responsive/lpromo/autograph_20k_hplp_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63acaeb0-18517"
last-modified: Thu, 20 Apr 2023 01:30:24 GMT
server: Akamai Image Manager
content-length: 6818
content-type: image/avif
cache-control: private, no-transform, max-age=270802
expires: Wed, 09 Aug 2023 01:27:59 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/creditcard_color_gradient_64x64x.png
104.110.27.78200 OK 526 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/creditcard_color_gradient_64x64x.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ca743053bce3493b932876555f9bacc5
89fb52f6517d4f2fa07fe71c33eeb2aa1676bcb7
9dc0e3746d9af9d06d8d135150885a3154037b7c4afb65a8118cf4df083a1c29
GET /assets/images/contextual/responsive/smlprimary/creditcard_color_gradient_64x64x.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62572c9d-1250"
last-modified: Thu, 20 Apr 2023 01:31:15 GMT
server: Akamai Image Manager
content-length: 526
content-type: image/webp
cache-control: private, no-transform, max-age=263020
expires: Tue, 08 Aug 2023 23:18:17 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=270949
expires: Wed, 09 Aug 2023 01:30:26 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=270958
expires: Wed, 09 Aug 2023 01:30:35 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=271156
expires: Wed, 09 Aug 2023 01:33:53 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=2437667
expires: Sun, 03 Sep 2023 03:22:24 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=2397805
expires: Sat, 02 Sep 2023 16:18:02 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=270950
expires: Wed, 09 Aug 2023 01:30:27 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=270680
expires: Wed, 09 Aug 2023 01:25:57 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=270954
expires: Wed, 09 Aug 2023 01:30:31 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=2397289
expires: Sat, 02 Sep 2023 16:09:26 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=2397785
expires: Sat, 02 Sep 2023 16:17:42 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=270988
expires: Wed, 09 Aug 2023 01:31:05 GMT
date: Sat, 05 Aug 2023 22:14:37 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /mxS10a_HjJ8dh/FrAo/iOwD1lFgfU/iY5OcfDrSV/L1c7Ag/TkM3YBM7/Yng HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2592
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:1$_ss:1$_st:1691275474688$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 05 Aug 2023 22:14:37 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=bzTNdHleA1key7ZHTdg86A%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=bzTNdHleA1key7ZHTdg86A%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=17D32D5A14C57A39ECBEA87155EC03AD~-1~YAAQvWpkX7NZIL2JAQAAi0rExwrs4t2cX/2Vrg/CZYBtwRNjAst+MUB4yzv3RHxXrKQHzN8ztYyMlC0kNGn8RPEx6t4/mGdcARvk7KxSlYEtrDmNQuSdiCbIx4LA8Apa1x1Xd3CEYnG7W01VXSq5WpwmIEubGg1Ri2hPrnXuv/smv3kPoVno026VRs2Eu0uPi/CzByB4brL1B6mjr0lDdqOeAAsPLJFvSZ82QFBxIuuoFDKzwweLWNxT5cbHblRrKScmz7PKafpxf1gUYKf+YZs+emg9fk+l0oQQryo+UikJiIJGVVF5ZMnqrJ29y+rSkllE20kAnHF38DDKUlEp3gpgT507aR5JrjbbwIX/0RLyvl1DeCwTL649TwQdlRYJ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:37 GMT; Max-Age=31536000; Secure
bm_sz=07F489E8B1D38E3C338DA3B6A6DE9C23~YAAQvWpkX7RZIL2JAQAAi0rExxRKbJuZ4EhpMe6ESf7HiRkYMe1TVGGkm9mgLYoFUGDTLr6KyOjruA9XqAF0R3I22rCbO2UWqm7eM+HcOHQSZkPmKyZe7m4Qy7BBE4MehSfmlaDpd3r52p/3HWFPEhJiFEkDQ5U76ZTmODKU6CPrB5nLVZfEaMujBaBUs5SQv/Sgu6RnhcHg3z8YCnzPnzb/XRAncZDQ4EWZaGDxTXDfPGVYwnJeP+9DdlCjxcFeRWYlTgp8e1DhxRzsXz/Z4fz++GwqGI47H00POs0eHRRyTFp/sm+4~3420722~4534853; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:37 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cd_VM-ARN-01XDr43_24781-49838
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.32200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sat, 05 Aug 2023 22:14:37 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=0OWNDQXtrn01pIGs2PYpAw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.24200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash b2228cc3352ba79966a8c37c4282d9e3
7b644cecfc88646cdf6fb5c296ab14326f6d1fc0
50c204ad5821cd89363082627e5ec0fe8cf9abc7a258a6c45b2b9b7375de1475
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 10 Jul 2023 06:48:02 GMT
Vary: Accept-Encoding
ETag: W/"64aba9a2-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sat, 05 Aug 2023 22:14:37 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=ZLknU9b1H0ok2z1ywz7wxX+7ZFOSZm06wJBPMX%2f83Uk%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:37 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 05 Aug 2023 22:14:37 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=wSoB4JmL2Dk9fAMjurmS2g%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.24200 OK 150 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149463 bytes)
Hash a6c5acb966396efd0f97fe6d2c1d0d8a
f43f0abb0e507724113a84ad80812574ee0cdca1
581ab9ab566c77a1f85cf950662d6f3f59b4df6cac61997982a53fa975607bb5
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"649daaaa-f4e"
Last-Modified: Thu, 29 Jun 2023 16:00:42 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 05 Aug 2023 22:14:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=AzdKxMeJAQAAAjLJ6IwxIe0Cw8DBJiIxz8qNv3DiWD5Xs5FoA3_qf6MYoS-TAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|1a04d999e186301753dac2ffd28d04bc8bd2ed51; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=xjPLAIHdIw2p3lOfepAgMOJrqOb3I7APmUslz+u774QVwt8JpjN4sTVpdYMpya5c; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:37 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 05 Aug 2023 22:14:37 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=LNzea9qmD7pcijPZhdz6gA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.503a8b321edcff4ec267.chunk.css
23.36.79.34200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.503a8b321edcff4ec267.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1cf7c1fc34f02c074f01f13b7d71068a
5a415eaf557beb9b8d31f621f80b827ccbe348ba
109d0bc8ba558e23e5f8bcb156514f3f1ff1cec0236d030723eed74bde935961
GET /accounts/static/7M/accounts/public/stylesheets/main.503a8b321edcff4ec267.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 24064
Last-Modified: Fri, 19 May 2023 11:16:12 GMT
Vary: Accept-Encoding
ETag: "64675a7c-5e00"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 05 Aug 2023 22:14:37 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=o4ol6pl%2fB2eTQsT3ylydWw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.977fce5e9afe92d4ccbb.chunk.css
23.36.79.34200 OK 36 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.977fce5e9afe92d4ccbb.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 44728bf82124e7d978288b51d29f7247
127bdc80872b827ffd5f4f14219460948feecc5b
e8ab621591e8c7b4b8ed81e5613f0c13d45090c595347fe094f2a7c13ed98b42
GET /accounts/static/7M/accounts/public/stylesheets/wfui.977fce5e9afe92d4ccbb.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 36211
Last-Modified: Mon, 10 Jul 2023 06:48:02 GMT
Vary: Accept-Encoding
ETag: "64aba9a2-8d73"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 05 Aug 2023 22:14:37 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nqClYSAnx5Z2mj0v12uPuQ%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.11d8ad2657d343ccd76c.js
23.36.79.24200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.11d8ad2657d343ccd76c.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 197b7a7fb6f902fc2a4eb5ff978b89b4
c3881a2744c14817af138f88d98676d18b4588c8
38e0b8e6ac4f55b41a4ff32e31c8fca12b7893c42b92b6ba5d98cff1500a82eb
GET /accounts/static/7M/accounts/public/js/runtime.11d8ad2657d343ccd76c.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 10 Jul 2023 06:48:02 GMT
Vary: Accept-Encoding
ETag: W/"64aba9a2-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3789
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=rfxo8HbC6+OjvRXCkiiS%2fIgunxWXNofft+zVYtFvR+91MvPjLmTaVtjNW2dKpSlt; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:37 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.cb957977cb3cf8924da3.chunk.js
23.36.79.34200 OK 190 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.cb957977cb3cf8924da3.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65445)
Size 190 kB (189880 bytes)
Hash 197a0531454004e6e7769c5300c746b7
30a2a33795f7aeb49211b640256357e521829e42
86d9df808b65994cb555bb1c9d9ee93e79b5598dd8fd5bdd848eea1ec5fdfc15
GET /accounts/static/7M/accounts/public/js/vendor.cb957977cb3cf8924da3.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 189880
Last-Modified: Mon, 10 Jul 2023 06:48:02 GMT
Vary: Accept-Encoding
ETag: "64aba9a2-2e5b8"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=OYp+8LIpL0G8u1UiUREN6aAuunSA6ZWpWJGizxoLdXAfJnzyUHu3ISymG+b%2fs5z5; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:37 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.7a759df3119e0b9c531e.chunk.js
23.36.79.34200 OK 307 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.7a759df3119e0b9c531e.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 307 kB (307189 bytes)
Hash eb5dab90a5f6fb32cb1044e07da243be
e0d3df44fff06faae85253afa56397e077437bfb
900c079a3158efc5792092de56fca68a5bd8fcea88a6ed2d6bd33551bba9c4a7
GET /accounts/static/7M/accounts/public/js/main.7a759df3119e0b9c531e.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307189
Last-Modified: Mon, 10 Jul 2023 06:48:02 GMT
X-Cnection: close
Vary: Accept-Encoding
ETag: "64aba9a2-4aff5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=gtsvFmMNCJ%2fEyS0NxnxjvkXrNhmNE9PuRVj8dkQEbwnbcUP2RGT5mDB8%2f6iVxLuM; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:37 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.134.56200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 8d7f300b2b87530fd23221d2192887da
f82d177ae7d6578a3c6a929ecf07fd7f2dde780b
5ccb59d77b875ac823a54ee281dadb16901e3304f3f34a5a363f2ba61f98e19f
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------367119222742174781443975099344
Content-Length: 171
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:1$_ss:1$_st:1691275474688$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=q3j6V+h4t86iYISsYfGiRNA+nbTRSQrZvXqNOpJrqTuSbgPQHZ8oxr6ncOxMx8pX; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:37 GMT;Httponly; Secure
_abck=C06FCC830FF71434FF1474F047BD0F9C~-1~YAAQjGpkX+4wzruJAQAAGE3ExwrRWXeeylrA9F6NVb04r7HDWWOO8OQR+cz7nvWkdpONdFBbe2NljeZ1yy9DshLdQXvFogOzcL1+jvDAwf9oqLBTzvSEGYBQmxUinT5WLC4tRz7kbPPTB8YN6El7GGieZTBznVo75lW6CMsFXCVlOvWPPzmhi3w3W9GF/tpea8cRr9EtzVUpOyBcvyBez4tK/CVnrV6LU955eP5NH19DoeuC514+bTCoQpPjVmYp1Wh/NtiI0ZFz9oIeUheU4Gm7nMRSnwP7g99cvGse4CvdQ/QjW9DQhFzym4FT0gpaOhj33m9DuDtNVks/9K0wIKWwjhgDugRnRsa9WSWnK6T2dkEQ3koctiabxnLwLMGA~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Max-Age=31536000; Secure
bm_sz=3A93E0C627C9AD7773ED80315CC67A6E~YAAQjGpkX+8wzruJAQAAGE3ExxTA6iQpQtBFpWntUm/XeAYdPJ2XIckHPCbRnqLaSlxYfIC94XCKJ08vYacj6fSzIFTtQB/T7fgGBnZsfd675tQCUWlGc564/0gQzI6uxONg1tz+qUC++85D0RTAXkKLIe+u6wgqhVUFdZ+oME+NGrStE2aqN9oclXTF4jH38doD0gN6Hluvd8rna1npEtU6nn/YFIAKCUv9RNdVM/sjvnJk3wgRjbmX6ETKLApL1H5BRTWsi9xJM2fh2uIpnKlDvFzuxTJD7eHZkZkvOachBX0NL/C/~3420722~4534853; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:37 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01XDr43:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cd_VM-ARN-01XDr43_24781-49846
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.fdb29d8d82f1d49676b6.chunk.js
23.36.79.34200 OK 328 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.fdb29d8d82f1d49676b6.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65446)
Size 328 kB (328050 bytes)
Hash 00ee4dd1ad77a55519db842687630ccb
0f4d21005614099124151946c6d0f105dbfec04e
3714fa3314ab5a6221c951645b6653bd92982b41a483c64a6d924c2ec7fbcb79
GET /accounts/static/7M/accounts/public/js/wfui.fdb29d8d82f1d49676b6.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 328050
Last-Modified: Mon, 10 Jul 2023 06:48:02 GMT
Vary: Accept-Encoding
ETag: "64aba9a2-50172"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=IDNZxoiLiCLJXhO8E7DwAV2E2kuyQ31hB6BET8iRmKk%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:37 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=m7SYmFwypho4gwiYgGKYtQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=cbuu%2fg6fqmoPRzV5PcGHoQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8%3A0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pv=2&f_cls_s=true
23.36.79.9200 OK 1.0 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8%3A0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4264), with no line terminators
Hash 4a7336543f3e2b9cf305b1719b521bf1
11f0b535248e01a91d0f6cebeceab8fdbd774ed9
8abb28e2f253e7ebbfa8e952404c94f1ac5af421fcfbe1a953083944ec9b01fb
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8%3A0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1041
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=c31911bd; Secure; SameSite=None;HttpOnly;Secure
_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!ZgJDt8/bCEmgbV0q/D2JHXmrrcNtC38x8B8iLCovFoOEK344T5R1Z5xZP0kBs/5p/KPo+tVtut8aeQ==; path=/; Httponly; Secure
DCID=6GzBw5f2ON8kUwuf2oR6d9WrKDqQMRwWCEHcLr2uUq1L8o0XnLiv9DHndj+E5wIY; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=KMD2c+08k1UPrlA7r9WfGg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.24200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 29 Jun 2023 15:53:03 GMT
Vary: Accept-Encoding
ETag: W/"649da8df-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=2H4gaVi5F%2fa4DNEMrt66CXXL6pAPOvncaEBX+F%2f4QJQ%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.32200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=zgUwWreGo6tGnfC+RExbSQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.32200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=1ZENAoUNgsMVe0owTQQEdw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 972 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash 2fee74177fc0f54d1cbb638625397b44
0a91baef7c3b037c7644753b863bd7681070c46b
ad4f9e3974bbc4823aa312075d8817061613d00f22f2b9b4e51dfeb0fc30b839
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 972
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com https://*.postrelease.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-e972c66b-72ef-4bad-b60d-f91906ae9abe' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:91; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3e638807-304f-410a-a182-28d5ad97eda5; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3e638807-304f-410a-a182-28d5ad97eda5|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:15; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=4D2D9901AB132D83398D739BC17DCE17; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202308051514381032357754; domain=.wellsfargo.com; path=/; expires=2 Aug 2033 22:14:38 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!/MvSOwkoEakBMJ8Gl7IZxfIs0wroURIAPEHc7XLaokfbvFwqeUpeYgEDzpVVMJPUJfH+LURBKAdd6E4=; path=/; Httponly; Secure
DCID=R19WO5UaOGvJUCpReOgkoRyurE0KsgPFpMb+3xEpLfw%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
_abck=6495572BE9BD74F75B20B064ED6665FF~-1~YAAQvWpkX8FZIL2JAQAAM0/Exwo96/BOri+iuD5nLvKvKwl43eSkLsoIVcrIWuhmUoEoB+K0dd8hx/BKLU36talnO6sLvCyij++6mwLb/CoZkJNVDv36E+GCcJLdWGP0yNrPCmV2ERt+kGTWI9B3mgBlWuNtbKP5agdj5RAf0jTTg0+hb9LVfDdrEjw3rs4hFFM1oluW1rX11bK3AdYhv1Hb8HKx1OmGbnkoThdDqNROfMOrjHwDI8oflQk6dNBEUqMJkQDpWShpkTFI80BgZTdUxAJWT0XAkfMbOIvtfszD2TIyVGGx3I1QU1qFxZ+Qn+nfHgZRbO8pYFkvVdCOhWaV9NGA2VCmu/O4XvkJw8SK9PsVw9/WTdFhOWN6h3Fr~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Max-Age=31536000; Secure
bm_sz=B4A2EBA40AC5A86086C84B1BA698FF14~YAAQvWpkX8JZIL2JAQAAM0/ExxRDthl9W/3B7W41MhPTmal876rTf7m7d+fftbGZdmwU2pWE1PBPHq58AffvVuvM5RbzjwjEPFhBM82odsq3wXi8X8tYPck8eWwOK/lHeXKQ3OEpP2RlCnKH4UNAblkMsCbIDCtOe0sND/UV1X8CXNEsMAwzwfxMVxp2CGuGHyQJ4mHrGz6M7YKqM9RtRpPbxiL4h+bA4Z2mDDYCRlZ/4jnamHjCpOxNYy8KZQUagbPdJRbxFNWRwi9ry1SpH5PxyayMIAK5LegKsMeQwVTaDo0E5fSa~3159088~4403504; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:38 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24774-13701
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676702&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676702&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676702&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:38 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=k3djpOBBFRuK4cmA6QrjIicSZ%2foCt4AGX6pSWrLhisbc75Bc1rk3XhI43AtPqyDU; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24781-49852
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 972 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash 777c55faff540b383b8e8fd153f66cb5
959c60a716baca23348244e64467b84f58c16264
04674f6fec51c675da6fced37083dc65dd9d234fe9106f7a1b76947052f8b621
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 972
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com https://*.postrelease.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-385d2388-7ec7-476e-ba7f-53fcd47c52e6' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:91; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1a6bc69f-59ae-46f1-9fbf-8131af129883; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1a6bc69f-59ae-46f1-9fbf-8131af129883|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:63; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=FB009A90C3B1EF08F60E92C75E2C5374; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202308051514381574392624; domain=.wellsfargo.com; path=/; expires=2 Aug 2033 22:14:38 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!Z7mBhnInIzFLgbbXcg3V8rzrEPW+GWiWAH5purILG3+HSrXJUpnuvqUBEyKxjhi3LX0OKNhIGsc/oLo=; path=/; Httponly; Secure
DCID=C0%2fzYybQn9J961R3JqxH0YCdtJS9WRh7I1Cgc4TM0m4MUpL+MsJ4RNroEjhagynP; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
_abck=7D4BD99D1EDE6C44F71D28E6B2DC0D66~-1~YAAQvWpkX8NZIL2JAQAAfk/ExwqETW8l7B1qzc8qNz2c8wMLTyVUbRtlKwaS0ioVzI/Ouwz+icOFm4ZwXmoIWjaSWCU3ecVSJxpXhnRC4JknDSnq67WKZ+gqMM370edfrcFMHZ+ZV9OiDIRjqhBTKxKERwREBx1Fw5oYuaOYjniCg8MwTWAxYnpiwoH0v/un3a1MdpYSO+ISF5xS2ESgMHH6EuIgxemU9QESba39KUTHpqTJLcmnd9YxKUMmxnlBIh1YXLXZvKKHhCEZ/9z9S057l515HHX7ZApPyUmNwjC/qaVkhewHO9VvTZsnlt+slBZMLH1J9XKPxE2oM3lBDvVQUVWhsZNHlgNnkZQEKNzhpeGQcEQzvolt8tYPZYm5~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Max-Age=31536000; Secure
bm_sz=4255F35397A1D51F816BE0E4163A09EC~YAAQvWpkX8RZIL2JAQAAfk/ExxQhzB2pxWB4RiQ1OLLDGWKMsjUU6JAKCXrq0it9bjrh2wWagC/UBHTPFHvhEVZ0xkNyH9Q534SLRxGAnjw+gkPvpY7umIb5sfUZYBglWTdGogIAUidV8f+3jeHeY84wKPXDlL6BC5RYzSQE9iBDWniJcoul9W8FPm9CjT+ys3wBQQI/X+hzMMXsMKOlVwo8a6JV+bL9joYaTGp0UJz/Zoh4WqMFdWUb4vGTWS5YDgIqmgC7eVfriFFa0AocTfR9i4wUnHTRhaKYOO7Won8PWZ0v1GBp~3159088~4403504; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:38 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24855-55444
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2435), with no line terminators
Hash e2665867f44e4d793784ea5692cf411f
a24920d8278bf3e93dd529491e86f0d0a519fc63
3a107d9b4fc629a156d5633a23c16ba2b19da64a97b6b66094aee22875bca990
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com https://*.postrelease.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-9ea13f6e-b293-4440-9116-a40e5fd4c923' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:91; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:b53c9a0e-f7ea-4522-8de0-4907aee5c616; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:b53c9a0e-f7ea-4522-8de0-4907aee5c616|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=846BF912397D3136469541C170F06660; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230805151438624886955; domain=.wellsfargo.com; path=/; expires=2 Aug 2033 22:14:38 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!dYT4AkhJoHfIEt3Xcg3V8rzrEPW+GZYzHSsF2aVrviyTXYbqV2CpSSBaDAmodQCR4/hciW0OEJJHyV4=; path=/; Httponly; Secure
DCID=hkPE03OWyZA1Hsc1cs8qZV+x8jqYBGr9h9EXd9OdgGBvKIKsvzhP2bLZLPokE2NE; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
_abck=6D28FB0532CD53D8A724D7CBD4CE7927~-1~YAAQvWpkX8VZIL2JAQAAk0/ExwprN2yzChIphyeoribCeETXZta27IHrUhJKqc6CU2IPbejrZGjNkVLCqnVshOBU8FuTI2uKbQQlyc4m9U9o5vHz3TgFPNUll9FlJCRJpCLRFAqwz2Q80LaT0/oVMtpdfEQ7iYDTzlh1THZWtgb4m6chAO2oFgrzJeKl3yYbIymY0urWMUSusNj5Hp30Iy414PUYpdT2eGZO04ckWpRB8XYPT4L42TAhdkZKZlGQc6zPLhAbxFzbt0XvFuYQdNSsn3e2igKOiY47ObmcYRc47idtmO5cdUYH4bZGm+0nHDHvkgUanKBpe+Wr2h/2jSLgSG2qrtXW4mDd+/+c/p7qrVSZvLRKP3uaneYcFqrr~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Max-Age=31536000; Secure
bm_sz=875D40D0CF922249E1A87BE5A18CB436~YAAQvWpkX8ZZIL2JAQAAlE/ExxS56+knjxRhGIS75+cFKXAysBUkdzjo9ULoo3fv9mc6BjikXJ6TOT0ALTkDlGhP+vFOIXLbAlQL43xCtQpd7X1WMtBhBygejWFPIV67h5fOgDKRMTUSAIhFlHxbndieIzfKhb27VghdKxBD28Wf+m44oelHL/Djni4pyqP8odJyV2HQ7bYzqsthgkoULYTEdMvyBeGzAKIMNmqcEtxhfuC3zxh0tYHAjUFE4bi8Zxr4NL1tW2wl43rRnPyLS0wVuNoWT/52DJfAWKanHU8KbP09EEWj~3159088~4403504; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:38 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24756-17484
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.32200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=jJrByGvFVTh3yTcLjfaZHA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ort.wellsfargo.com/securereporting/reporting/v1/csp
23.36.79.25 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3083
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 7b21bb11-14fc-4aaf-59ae-d16fcd94d216
X-Xss-Protection: 1; mode=block
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:a45faa41-c17a-4741-879d-0b872794ea39; Max-Age=30; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:a45faa41-c17a-4741-879d-0b872794ea39|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:5; Max-Age=30; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:5|d:6; Max-Age=30; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure
DCID=ABmVKLw8v%2fmZlH63xbP4kJivFuacsjTaQnz0v9jrKFY%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
_abck=CB718F9273543C25A28A0FFDC306A090~-1~YAAQFU8kF6o4RLWJAQAA7U/Exwq+oP7w915QMRqC5aByzpKLwBxDeen+O13pcmGPtBhoLm7FlYL55rQ8HA4OgsFMpMSSHsFm5q1AqnbJjcfXffrAnzUVJnG/QeZ309vciLSV51L9jeGjhS3DneJHVNVWnrEOmEzZ4MxFbLzz0oJckFHB1yEwyWN/26lW2UZnD8QQeNDF3mgw7pIQsmbOZbhovLAGplfDELWTBN7L5psPRoIOoNk9BKs7USLRCl8l6YcYP1JGTxWwJygrff3SF78Q8v3dZeek7EAjSqJ8mH1iTOLfBVkAg+ADwIXy9OWsSSpOsk2jbYkPBcVggAYhFEx/uZW2nOzPHYEyi3uneL97OguqKbRHtLdzTXbSyzlQ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Max-Age=31536000; Secure
bm_sz=EDF6A3C1FE93D8A5EEEC3DF5E4294660~YAAQFU8kF6s4RLWJAQAA7U/ExxQv6Y9y9vlHakVzkpx34+l23ac2uheshhCNlUBABOf1mW/80Kv0fcUI+ij7kGfG4efzH7xFNeQAajMnasw1rzuDv2xrY5LzX1mWCSBfP1NygiWvE6InVrnoaJJVZzgSxWGdnZU4B7zKGKR/AlOolkd3MRRwMVR8E8Ynm+toAu9lzdldy9ouBkfYXfYbAsShw5OKtdSil3TchvieG1HBKyk1K+u8nwpSNGrCaGlyxw2Cbml0vJ4EpaXq3q1/QKVpErHxqzBIkqR19hykmGt7jgc/C/1Q~3225921~3354689; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:38 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676855&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676855&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676855&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:38 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=h4dk%2fiRHz7uhJ50QlBVkUAv1fwD0QcXhw3cv6oWYM3F25DRK2yOR2X16Va9wONoI; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24781-49858
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=AMpyK397ky71878gZ2gr4Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=1&cfg&pv=2&aid=
23.36.79.9200 OK 1.0 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4264), with no line terminators
Hash 4a7336543f3e2b9cf305b1719b521bf1
11f0b535248e01a91d0f6cebeceab8fdbd774ed9
8abb28e2f253e7ebbfa8e952404c94f1ac5af421fcfbe1a953083944ec9b01fb
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2801
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=c31911bd; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1041
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 05 Aug 2023 22:14:38 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=c31911bd; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!U3P6P0UL2aT23QbpnNE5eVRfS7HzYxmeCz2vfuRwI6Smqw0nF46AY87P3jst8nM1+MnORp4KKHM1nw==; path=/; Httponly; Secure
DCID=Wej9SbrdnaB4wVKUfhmsGLKg2cG01rPaakYjLcl6AsOR0Eq2tRMF3B7rn60EIpiV; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676850&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676850&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676850&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:38 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=x3DsoAVdw0rV0Yb8HtQ0oBFwJx8nOWKmAQQv0iNHTax4hl%2f4PHVIKR7j4ZjE5egu; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24774-13703
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676844&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676844&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676844&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:38 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=9S6OdhHrfhEQKNELabS%2ff0ev3Zsz2kb8B6jXD1vq8bSfVjfWb63A6PuO6Hg%2fgQhh; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24875-64575
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676859&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676859&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676859&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:38 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=32hPXlo3Qxpj39Uqqu5i8Pbf4sfyheBmZiWx7ZwDhehwY%2fUsGBQuzZCFNeSRHdxh; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24855-55453
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676864&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676864&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676864&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:38 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=odIHEsTkg%2fk2wq0o4GKrAGyB+YGqRnPIaJrslbUcBfbPdVuUpLSpqF%2f7+F9ath3z; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24756-17488
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 967 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2437), with no line terminators
Hash 584f25234be2d15012d2f23652bec4cd
e0dee89e4295e73776def14065bb8870b3710078
76ea955630a2c5a6a4deb7498f9896041efd29fae0e9e10d28c19fee636a75ad
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com https://*.postrelease.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-e4994ec3-2710-4d70-9e77-9999f7946233' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:91; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:934b0cb4-69c5-4c94-8c6e-5bc87d23501c; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:934b0cb4-69c5-4c94-8c6e-5bc87d23501c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:13; Expires=Sat, 05 Aug 2023 22:15:08 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=B06AB0D6B03535B78C4F01F67B4F82FD; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 04 Aug 2024 22:14:38 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230805151438440235513; domain=.wellsfargo.com; path=/; expires=2 Aug 2033 22:14:38 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!gnm9med36oFtK2IGl7IZxfIs0wroUWqNcsLXagMYdz9DnBl1igzCOo5i9i5Rr2VZFIHHzxkHF0P2Ez0=; path=/; Httponly; Secure
DCID=WmilVzyYKX9iLiul6CSVl9ub7qIMbLgA19arAEh3gGQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
_abck=E22653038F82BD897DDFB49788389DC6~-1~YAAQjGpkX/AwzruJAQAAvlDExwolP6JOqYuAW7ePJRYUOsjaSrqa09gQ0cquHH5IVlb/aYjrFoCRhwqpHXL40Crmih4iofuX62d7e0EqTkQgyembm+VfMs8+Cc8Pv0rl0jGmEh2x9cT8gdadD2AwXdAVAjPqWSjNBVv/RV3EB4396VEI68p8fyts2jk42Bqn7upO/+1e21GUs9hUr+Nkt1Zh12wpinf/Thl0+yqrjYBE5dl7scuJh5D/VbiYMrYNjby7ZrZ+GowOVluKLzUpG+qUL6u4YjdRxMzm6iTbP2EWUAK43qQBJgcTFNOiaqrXQkI6e89Fk8igkNCupj4fy54avDk2Lz6f869HYz4krfQYQvNIID/45/YubtWHRt30~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:39 GMT; Max-Age=31536000; Secure
bm_sz=E468A6C9801E0B8C3E9073A7CAED2E1D~YAAQjGpkX/EwzruJAQAAvlDExxTO6+ZBVdgy4/7ZSkkTB96s6EEKW9Ze6CuO+rkKDTcbbbBFjDBvPqHnNfm4Q0P3D2nU1VVYjc1I9EDx2FsuMIFV4fMy3Hn+0W0d+qnZQQPkPHx3l/9+RXlshmMsBkzASDV4TJIeOeiOIXGAKOxO1mxlgKr7idpfNeAFfK2l1FTdgZ2/I4be1vrjuUbXE3EwuNSWF+t6fU0knPDnYt2TfaIui3sT7KRRCBr/uvsWbuaPz37A23nXcI8nXkcMvkU3j3deBYl+yKI2K1nrBOuHzbfZUU55~3159088~4403504; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:38 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24774-13700
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676869&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676869&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676869&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:38 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=syzA9u5M7G4OZpFPk2xNp+DNKMs2mkZOUhJ2JAImMxAh+Jo2ejHZvrwUgQQl3UuQ; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:38 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24781-49861
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676874&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676874&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676874&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:39 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=SQFVjAGlC%2fSR9xT4j3e%2fU3iRMK+7qlYN+WECTv8E7yJyZkpxkRaQjXOdwtOOIfMy; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24774-13705
connect.secure.wellsfargo.com/jenny/nd
23.36.79.24200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash 6dc247ff857ca1f01cb17abfb204d749
51f2634edbd01f2ad23e5c0ab55b468c437dab3c
6386a23acc1c7857351c8d3e02be076be61625e34d5bd5fdbd738ad778dcbe27
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17926
Date: Sat, 05 Aug 2023 22:14:39 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:6395d6e5-4e18-4ea6-968c-c0f7023d675c; Expires=Sat, 05 Aug 2023 22:15:09 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:6395d6e5-4e18-4ea6-968c-c0f7023d675c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 05 Aug 2023 22:15:09 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 05 Aug 2023 22:15:09 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 05 Aug 2023 22:15:09 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sat, 05 Aug 2023 22:15:09 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=0hJ6RzlsqDAdg8t9TfhfzkSfFMeCI9cUaLSS4KIs6vzaLkUdODJeavFbQPa0CUmr; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:39 GMT;Httponly; Secure
_abck=20283AD320159EF40840B1397CA157D7~-1~YAAQFE8kF9nFIruJAQAAH1HExwrJTDOchtSnZW8nmAZQag+/c9A6MKTGQR1sx9d4HjaislMpfbzNo8+YI/SJA8VPkRFUdFHGe/Q7hii74yRCy7Lcmxd2rXPTGyKvR57LTkLQPK1kdfVWwFIDeWt2+2VmVcItcDh919lgjfRV/R08d5Io19Xjp5vKyK0jF0qvzMdKQDkgSZUv9rgJ1DrUm1MJ4D5GaDNKZoKZfwtQi0tfgnp8TlKG+4DpGKpFWbbWs2Qo0EPcHKx6padcej1yZGiLehSdTTvRhgedpjbGQOrjMqZhMzKqnhhrArCVgjJ/3qC9JE/7gSy0oDLAxlm6y2E2PdNWrIN8qelrieFUred1V+uhXjr+QWd27HfA1047~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:39 GMT; Max-Age=31536000; Secure
bm_sz=98508E710F51B6332DB27FF5EEEA13C9~YAAQFE8kF9rFIruJAQAAH1HExxSdPoIBjoLRsVJKZtxaVQuyYnuYb0xt8l5+KZ13jqSE93i8PSQzCBDUqbVCFiK2DWsTx4OfJaz57B5GxHQt+FipcPHOtlSJtrNF/bH7yBUbK7M4xmTeS0Bq4WeXE/Gl4KVyBWlQh/rXxsBYJ8ll29cMPillfD+IpB9FZv7KVhqzb5v/WCsbIvMehsJW5e/Rs/7ma1+iXhYbFn2WGgcBP8xWRokTTyDgrAuPoDaSGmfN6AmQWBk/OLROBv2xg2bzNJICvY7h/s85cO1kRUh7cYUHi9NC~4470064~3228980; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:38 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676882&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_tk1biltcardlaunchrspv_smlpromo&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676882&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_tk1biltcardlaunchrspv_smlpromo&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676882&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_tk1biltcardlaunchrspv_smlpromo&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:39 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=bSfV2fzRr2fbI+aclKdn%2fVwJL1aW1eWzEQL6iEGQReuVUFCK1PhYqZqh+GEIPn6a; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24855-55464
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676878&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676878&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676878&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:39 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=HDYz5hNcUsOzKJTkn4uFXaqqh4P2kQbDlJrMH7v2L%2fe8CRpyoNrdOKB5zaoGWehg; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9ce_VM-ARN-01XDr43_24875-64585
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676888&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676888&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676888&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:39 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=OyxEpe45FlfVLW4XIzYSHvNAFbJpbonjt+2rGko6vCviWoqtD6+I2F8vkNf+Tm8w; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cf_VM-ARN-01XDr43_24774-13708
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676892&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676892&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676892&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:39 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=s4z6D8MRy1Bps2OUu1GFwCJ61a9FJA1lGn7rsP55EbqvMloCM4XLelhND%2f+daOTS; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cf_VM-ARN-01XDr43_24781-49862
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676886&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676886&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--gh49329d48d6c.wsipv6.com%2F&cb=1691273676886&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:32276d0e-2974-4145-ad6a-7907b759bf2a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:91; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 04 Aug 2023 22:14:39 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Rbaxie6QwRlFPsxMgNAw6k9Z45m3cDnxcFWqOPifwWndozi4yqCkDqc%2fwkGwuBju; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9cf_VM-ARN-01XDr43_24756-17490
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.134.56200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 42efcd0ca8514e0894ce244b41e4fbf9
7e6bd9194e072ac75d5425661c278cb0d655203e
c13480cd69a01d687b51016adbae45ebf870a3d3a30cc54d1f2164042e20db7a
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2044
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0; _gcl_au=1.1.1541617103.1691273677; ISD_WCM_COOKIE=!gnm9med36oFtK2IGl7IZxfIs0wroUWqNcsLXagMYdz9DnBl1igzCOo5i9i5Rr2VZFIHHzxkHF0P2Ez0=; _ga=GA1.2.2125118877.1691273677; _gid=GA1.2.1234022598.1691273677; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:934b0cb4-69c5-4c94-8c6e-5bc87d23501c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:13; ndsid=ndsa20up8pi5vyglkykohu9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xj9uxr4WPyu5m4Ae%2fErnz33pQbbb1IkXqLvCkOPuPCU%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:40 GMT;Httponly; Secure
_abck=9A222AEEA307A84F84E5902E18D3872A~-1~YAAQjGpkX/IwzruJAQAA1VbExwqcfKNU32DFBBNJ1m80jQwPdJY8qV2fqnaUHoXVnd//NB0PnIe92LBohnO5wi+QAtVksDgd18QAWIBhMslY0ue+9X/GqzcVIH3+DuVrfKO4ZSf8g4FPNjaLz2GzEfrx3UlYrHaaznmq8UjuoX64eoH4NwoXYItVTdbMj5isP7jAheTCvrGEe59T6cc8xJK82te6H4TaK/HvW7FBAuZZTJEEeRVaER4fCGE5Aqy+m72850mi6chdlCNglsk3wFnUqVTizg/F/A+LLE+d0rSom1ULtcAjgjn93EJ4ZdhrnSDjIA0AAOv0eo7XJVF1l2lqK6QNHQQJ3Ttfkj/HzkOuJTMZ43vtxX+Lys8dfVhk~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:40 GMT; Max-Age=31536000; Secure
bm_sz=25897954A23BA51441B049B5AAB878A5~YAAQjGpkX/MwzruJAQAA1VbExxT7T0QkWbspNB7KEh02Kiz89bLp3alTxDem/3lYS7v3ABRB190I3v7QVWL7twsjA0pFSZ9SSzLJ1VX/AW5NDccRvF3/CnecIPK4y83VOhB+c5YjouizvzGzQ7BHOjhopG+1tY8IC+64Nku7D+8YoHX4BKv9V4kIrOV4dU45xsGjQxUB9MEEKnM2bqgb/MHO7ZuxRRtiEKnNFW9Y2sWfgPTPxzQ3ndVF2y7VcTODtbbzG0POt+9dAiRJm1mTvjs/JQJucYUrFJoqDF13CYW/VtUbyXyz~3159600~3159106; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:40 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9d0_VM-ARN-01XDr43_24781-49871
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.134.56200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d4ee9d4e152c9bf8a168f037eb8fd88d
3b7ac284ec584d392a35bd8b1ce6b2fb28b6cfec
617e5ecd0dcf64d7a6878189b0e8cd0a4f3e767882673c290a74404f39e25447
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 852
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UC%22%2C%22diA%22%3A%22AdDJzmQAAAAA5IUrOSqX%2BtxLrRQmZjXB%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0; _gcl_au=1.1.1541617103.1691273677; ISD_WCM_COOKIE=!gnm9med36oFtK2IGl7IZxfIs0wroUWqNcsLXagMYdz9DnBl1igzCOo5i9i5Rr2VZFIHHzxkHF0P2Ez0=; _ga=GA1.2.2125118877.1691273677; _gid=GA1.2.1234022598.1691273677; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:934b0cb4-69c5-4c94-8c6e-5bc87d23501c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:13; ndsid=ndsa20up8pi5vyglkykohu9; _imp_di_pc_=AdDJzmQAAAAA5IUrOSqX%2BtxLrRQmZjXB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:41 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=NYwmXlYCSY8J%2ftKcuSKfrI+8dAVlW4m7f%2fA6tffn6dhXbD86R%2fiwfcKnCwJcvnJo; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:41 GMT;Httponly; Secure
_abck=03559B74AC62626BB09C08F7F2A1275F~-1~YAAQjGpkX/QwzruJAQAA8FrExwrr/7uIT5qwPjf0O2WbsmmyYRrlufYReHu/11eKMJ+EyyjMhwh4+pIPzvuv6XyNQCmgqdCesRVMMHfJRAIGY9tXqWemp1HXnJoce/qy8D0FYkaYRhsiqkJuFuddn0auNy2ili75VEHf/qgjKZWsoByKwDGQyHmvyH8s8WLPoPlvJuXwa2A3FT+7MXB/t99yszmaIKrqy2Euu5lPPth4W9wjDRkMEHBm8bfHKI1HzDGWhCaOn/AVRXRbqPVp9OQIqDRjmXlL7HUHkja/K1c3weFDBkjnjYaf6D8hYSOnqi+x0tR1Kv6g8/HawsHHqR+BGn0AmeH1moFDUDYOId75hAX1qnyutfk9Agfx/hJb~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:41 GMT; Max-Age=31536000; Secure
bm_sz=55E59CB41768EA6AAF065DCDEC4E1943~YAAQjGpkX/UwzruJAQAA8FrExxSDvWMf1p1mVu5ffCRUiG3NFAMKTv81kTUGiK21vGRL/B68FCj72iTMT9o54lLI2H1A7feaJIxmPjT/r/TvFuRz5IZ3RQ9O8hh7Xre+8YzIiAqhuvtxYQtHR0O6Rm696j/gIYpW4TQjjAb7SnIgwePtoJA5vD63Y8tYj3xm3LoOpT2nrDhTbK0mo8CsZ6DfNhFUr+rpg0ux/L0sJzpxWxzhc1fd0V9gubOVCdKgPpITwzDMi/FfDiOa9moWPCOsutD0kzTMLwbf0Ejgg0oC6R/TN2aa~3159600~3159106; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:40 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9d0_VM-ARN-01XDr43_24781-49873
www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.134.56200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--gh49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint86:17:0A:A6:F6:21:B9:DF:71:17:35:00:88:C8:2A:44:FF:96:E3:3D
ValidityWed, 12 Jul 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish phishing Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--gh49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!J+kZ/BKNfqc8IUdnfhFjdbQk89YdzkMcAPVFYpUQ2yGRbGNP9B5CV/s96Ef56bEgsvMLDA2KEzKcjRY=; utag_main=v_id:0189c7c43fc0001c277ef09fe19205046003700900918$_sn:1$_se:2$_ss:0$_st:1691275476673$ses_id:1691273674688%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQNeCpJwnB3G8CmqnC%2Bbqu8Cfu%2BMmWah%2BX4A5hKglo8%3D%22%2C%22c%22%3A%22em9oeDZzaHpSWFpmZUhaTQ%3D%3DTmLswMchV2F1yBQvShu4hAoev3dKC99mM7AoxForCEn8q1pl-YoIeMPLXOSHSNabo-ta9eARLQgFJpCv5nCw0-AOSyZXCSVp_9c%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtNY7UClyrPVjOPnhMRmX7%2B%22%2C%22diA%22%3A%22AdDJzmQAAAAA5IUrOSqX%2BtxLrRQmZjXB%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22E5X8cTJrf4yxDGwbSt2IGQ%3D%3DWmB-7iLiwGDvTlPdrL_NLPcSYwlvYU4a4oVunCOT1ZCaTrh0g_gLWEUV1mESgqgxaGAERvVk6HqPJ1von_gnZCGT2NqbPNGxibhBp0eELKB9Jjnz8JHQuc7bAwhkxwjH_6yel2lDGhRhMZ7lWhB-say3pKnhEjoyh9NHM3-imsyRGuzqZ4_qWzjE%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VfB%2Fed6Bmq3XgF9Uk%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C39538658277227304526737648579868655057%7CMCOPTOUT-1691280876s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0; _gcl_au=1.1.1541617103.1691273677; ISD_WCM_COOKIE=!gnm9med36oFtK2IGl7IZxfIs0wroUWqNcsLXagMYdz9DnBl1igzCOo5i9i5Rr2VZFIHHzxkHF0P2Ez0=; _ga=GA1.2.2125118877.1691273677; _gid=GA1.2.1234022598.1691273677; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:934b0cb4-69c5-4c94-8c6e-5bc87d23501c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:13; ndsid=ndsa20up8pi5vyglkykohu9; _imp_di_pc_=AdDJzmQAAAAA5IUrOSqX%2BtxLrRQmZjXB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Aug 2023 22:14:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=PDlRq3yrePK63Am7N3NIMayTTGe7uTsSyf%2f0LDbPr3I%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:47 GMT;Httponly; Secure
_abck=57ABEE9E7944A83CE8F5105A3E2903DB~-1~YAAQjGpkX/YwzruJAQAAVXTExwpSz2Q1wdQLe6D2jD+IMhSaaaTQItfACjyQbxgn4V6S48ya2qBwYcHdqzJzpli252CMgM/cfwYi+H24PHmzax+DAc3eUGHCykihRtqK7Pxi9e+tOzLMPPlgT5MEphBm8a+9gYdUURr8KPXfwPHppx8gOXVtyHrLEpXhTWn8Ugtg+sEepnYPkYceEd7poA3uukecDHEYhaUKNEsy0I4QprlKgF3cTONsdVkUFWEYKlYx9bD2+SynSp0BmUPRxE4wWISNoX/8muXkRewD+SHUY/ta5wjHsIqCrQyvx8MnVVJFvs13glJTIP9gmZCpfUHpnYpIdahmNy/rv2B/Yo7jE3FNekwnnRCvvhBSKau+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Aug 2024 22:14:48 GMT; Max-Age=31536000; Secure
bm_sz=C8EDFFDE3F3B6F7AB4274D6525FFEF8F~YAAQjGpkX/cwzruJAQAAVXTExxTVj2u5jq6ehEw7fOOp5X1TngHHgpKxaPmFNUbIEBR2E5yX+eYYSYPQ3vlk1xArzjE7G/EVzzp807UtKnzNBJ2IDP/24HAPTB0PZ7xZkOvkqzUDDmaOEBkhNsRQ30EtSL5e6WEFoRz9qkOnABfgXoNxqQ+xFlrRJQqr0tCdDHwmtA1sGp/vRXVvryNdqQQDOh8dYD8j+OzVqL6As1r+6IsFDX12uOCQ9uGaEf0r/fQYYijK9+42/Eyzgs/PDssF3R4oTdAYzgvGJ5ThxZqhxbTNY4lO~4539458~4339248; Domain=.wellsfargo.com; Path=/; Expires=Sun, 06 Aug 2023 02:14:47 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64cec9d7_VM-ARN-01XDr43_24781-49951
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=2&cfg=c31911bd&pv=2&aid=
23.36.79.9200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=2&cfg=c31911bd&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 06944d875488c7ad104aac76c7dcd01d
9b5a785e692814a20ac3bf2c343fc296a6f0c29d
9a675a6673ff1286c337f6cea183607bdd276de714136b4a876591dc45ada6c3
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=2&cfg=c31911bd&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34655
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=c31911bd; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 05 Aug 2023 22:14:49 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!qJ+YnDIDBFj/V4zpnNE5eVRfS7HzY2eQBx6pXHmIsNB0rEltIxKJsUr5ng2UFMQTavLoG7dCv/O/Wg==; path=/; Httponly; Secure
DCID=4E4ywNhDeLPtR+tV7pq%2ft81uEb121zTH+%2fgtqYyID98XYF59S3E61jUO34GdWBo6; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=3&cfg=c31911bd&pv=2&aid=
23.36.79.9200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=3&cfg=c31911bd&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 06944d875488c7ad104aac76c7dcd01d
9b5a785e692814a20ac3bf2c343fc296a6f0c29d
9a675a6673ff1286c337f6cea183607bdd276de714136b4a876591dc45ada6c3
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0&_cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a&pid=eecc0ba4-a229-448a-8655-58803d848609&sn=3&cfg=c31911bd&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50331
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=c31911bd; _cls_s=e8ceb377-6f04-405d-ae75-0e321e2fbbb8:0; _cls_v=cf443312-30b6-4b9d-9258-c4bbeeaf1b0a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 05 Aug 2023 22:14:49 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!JO9DDs/Rscz6FQgq/D2JHXmrrcNtC2EhVMfMrwDIHyksFsB3dY2H2i56TM153fLwblx0UhkitDHm4Q==; path=/; Httponly; Secure
DCID=pVJ3h7LDhncOLvkVm5E1iEP%2f90R0mIxdHOTUEP2+JjiJO%2fedk9uhxUZvtG94x1Af; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 05 Aug 2023 22:29:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
100.20.213.121200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 100.20.213.121:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintD1:05:1E:84:AD:7B:48:5B:E9:4C:78:9A:8B:60:B4:3D:FA:93:A8:DE
ValidityWed, 14 Jun 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 1535
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Aug 2023 22:14:45 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:931f2e31-911e-4a8c-aabd-739b13e9b28f; Path=/; Expires=Sat, 05-Aug-2023 22:15:15 GMT; Max-Age=30
ADRUM_BTa=R:55|g:931f2e31-911e-4a8c-aabd-739b13e9b28f|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 05-Aug-2023 22:15:15 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 05-Aug-2023 22:15:15 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 05-Aug-2023 22:15:15 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:5; Path=/; Expires=Sat, 05-Aug-2023 22:15:15 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536010; includeSubDomains
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
100.20.213.121200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 100.20.213.121:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintD1:05:1E:84:AD:7B:48:5B:E9:4C:78:9A:8B:60:B4:3D:FA:93:A8:DE
ValidityWed, 14 Jun 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12742
Origin: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Aug 2023 22:14:40 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:d9ec4904-8fe3-45ae-9183-51463a4e3eae; Path=/; Expires=Sat, 05-Aug-2023 22:15:10 GMT; Max-Age=30
ADRUM_BTa=R:55|g:d9ec4904-8fe3-45ae-9183-51463a4e3eae|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 05-Aug-2023 22:15:10 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 05-Aug-2023 22:15:10 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 05-Aug-2023 22:15:10 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:5; Path=/; Expires=Sat, 05-Aug-2023 22:15:10 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536010; includeSubDomains
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
100.20.213.121200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 100.20.213.121:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintD1:05:1E:84:AD:7B:48:5B:E9:4C:78:9A:8B:60:B4:3D:FA:93:A8:DE
ValidityWed, 14 Jun 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Aug 2023 22:14:39 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536010; includeSubDomains
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
100.20.213.121200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 100.20.213.121:443
Requested by https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintD1:05:1E:84:AD:7B:48:5B:E9:4C:78:9A:8B:60:B4:3D:FA:93:A8:DE
ValidityWed, 14 Jun 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--gh49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Aug 2023 22:14:39 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536010; includeSubDomains
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2