www--wellsfargo--com--6249329d48d6c.wsipv6.com/
163.171.134.56200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash f3928d12feb55e37683f1bf5a0a64ff4
65bbdf9e04fba30c535038d4220a3402c91a6918
41befeace8dbd326d28bad57f98d0c63674e420e6c8c8f7867986f526fc1e4c1
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:44 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18966
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-24428ff6-1f01-4863-8fe7-e2af8096cde7' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18893 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805; Expires=Sat, 10 Jun 2023 12:54:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:54:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:54:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sat, 10 Jun 2023 12:54:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:77; Expires=Sat, 10 Jun 2023 12:54:14 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306100553441652973730; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:53:44 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; path=/; Httponly; Secure
DCID=Xr8eSj0nV8MXef2WaziRKi+VPogIjWbMJFFmWFIv8gKjYiEYaaT2Qt1fv7bEWF1a; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:44 GMT;Httponly; Secure
_abck=DFE9C44E824D39A02FEB600581640243~-1~YAAQVZbvUFaG252IAQAADKtepQphPwb44XCH9VCNjdBVlX6RZDv97pHl9tePqZrg1Ne2ygh1axDYN80uQPuBOe2EijkR4d7Fk/iUHo7AnlWefa1Tp5ZckeJDvdsr3blETZ6Cg1SsIl//7x6vphat3ghLCV95Soffij+ZGPQqHCeyOVIbYLi2mzFKeQXMeBSlBOyrXnUcS/DV3eW/n1jup0+QYzWuX0HtRi3DlTOuUd0z0Tr6oWuV9d9nZuNVFc0mRf/Spw3soPSXKp5tm7aKXSgMQdULFjywbtFnwDMrjxB5qWudI4CrdwgShKRek0TN3GrtzjqCoGEwjeK6KTLFUf3Vx+xoXIv7whOJ+v/D4+me+zHJOTBWq1+TZpv0YwIn~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:44 GMT; Max-Age=31536000; Secure
bm_sz=FCE13FAF7D0B7112DD321E2CCE9E8435~YAAQVZbvUFeG252IAQAADKtepRSbWOX3K4fmhfSCm/ALZ8Iy9GxDXprCx41TW9bS2jo5eKalcJUFRgIsFNog6xA7CIroYYC3WF3Zp3AdpwNQAt5zC6srGfOYKUy0sojWiqMNuh3OBYoMvMxyU0NSKff8H1WSrgTWDptCzDQeEQcAKMAy5V4oqI0IGDTynBZMHQgwYPUiOqxJ6DQzXH1gLxeNrRUSSNs3tdgTM1knprO+a1JauArWiLkzrtPxGMf905Q3EOF8LkTmxkGFaIIIGdNYzReGhIEbESt48CNux0hzVDEyzRdO~3420469~4539458; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:44 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847258_VM-ARN-01XDr43_17053-65192
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=477273
expires: Fri, 16 Jun 2023 01:28:18 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=477295
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=477482
expires: Fri, 16 Jun 2023 01:31:47 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 10 Jun 2023 12:53:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=IpbhQdrkIDWSu1MleNkyOQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 76 kB URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 0d61b4e4742d5251c44efcd5d8166a2c
04189d5a539c1cc84fee87994097919000f3434b
c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/javascript
Content-Length: 76203
Connection: keep-alive
Stored-Attribute-Sha-Checksum: c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Last-Modified: Wed, 26 Apr 2023 15:12:26 GMT
ETag: "5b60948dc39561fee36fa77d7eef5047a16cbdb8b05e43f4f2fbc918f19cea08"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=mSyk+KTKRKrLYT5Q6gTJzg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=6591C437479850DCE225A66B92020645~-1~YAAQVZbvUGCG252IAQAANqxepQqKAfNZWN8hY4Rc3usWEjZNzbyvUc43XSs2Fru1UK11Zts0leYnRTIQUb4FwbqL/4y+F4NtexY7vLCuHsPJEoceT6vYKjuSZsMiUJmD3Ksq60V+SEtWY4ZnMnITlrSo66uG/2lo9x7vHPAhVNmU5xw7XYUqR8/WjENzy8uPKTbXMxNoD/kFGv9q8tl7ak6DAOZ/BDMfpZ+zDN2JHTLLPz/ctW2jlQNYBYm/vA0XeAPKhJLsTTnkHV1WXsshEakIcfP1qzSXNgEBsAGEb2WX8/Bf28PD0XTVJeRSzQ41Vcrtsb2CZNZ5opHHrSNFxQhMxJflTpnouN8SZ+jBnyrxTsVlruO+mJa512+m7MD5~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:45 GMT; Max-Age=31536000; Secure
bm_sz=C4CA56EA96BFBF5D8CD259846FD4FBE0~YAAQVZbvUGGG252IAQAANqxepRQp75cFiI7ElfzSvj5WvInSKJpYeFWGnYu0gLdIT4DwnlJt4zJwzNlvPr/xJ43yYV+4ahcXP2al4QOnVqe7/uZd8VptfuookBg5zjpqndEegGV0lhcOBJXD5mH5bkA9cuiKvSn5KYt/y+9pA0e/Fgt8JNaHZh3v8A3x30zvSVI53i/TGxp/8N7P5gMG17EgR3HUPz0t9HRIMrOq/dVmC7GRwRzgmt8hRDMn0C5mWiQaWkK2Mw1Xb210lYdupB2oNTgDAJvabmxhdDyeK79Fx5MzV2vj~4473140~4407608; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:45 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01cnE31_22254-25255
www--wellsfargo--com--6249329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.134.56200 OK 59 kB URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash a933fdd4ac4b1b509156b6d8e5a3f6f8
333f8eeb5ea0eb2f178eb84e2f05889ae6003d24
6097c62137472315d46a883ed1c7f75f8f3ca70dab8a485f39a02a0ab92b906d
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58984
Connection: keep-alive
Expires: Sat, 10 Jun 2023 12:39:09 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: "6463d1ea-2d1ae"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 VM-ARN-01XDr43:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01XDr43_17053-65197
www--wellsfargo--com--6249329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.134.56200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 639612224995638b19908ca003c5c27f
8dee285a7b72eff0120b7095f5874ef300155be7
b06999ab5fe0fbfcbae4fcd87dd59688cbdf1cb68023b52fd441f3aefd34db1a
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: text/css
Content-Length: 24054
Connection: keep-alive
Expires: Sat, 10 Jun 2023 12:39:09 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: "6463d1ea-2b00d"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01cnE31_22203-29463
www--wellsfargo--com--6249329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.134.56200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sat, 10 Jun 2023 12:39:09 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: W/"6463d1ea-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686331094564_1551625791_77844025_1956_11041_0_3_-";dur=1
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01XDr43_17111-8324
www--wellsfargo--com--6249329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.134.56200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash ea17d6fd0d9ca918fdd4d354678e7533
71cb91aed7477ead3b43a4c90617b3ca968ce9c4
c9d53ed1746f5e2d5b1d8a470eeb47429c46ec26e696a03f6ae9aeb02e246ccd
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4273
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 12:53:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A0CsXqWIAQAA8IWsFe2W1Vy2nnGsBGOyc50JS7PiBzv0BFdOcaCC-HfKrY5zAaOrhiucuNk0wH8AADQwAAAAAA|1|0|ef81f11079b86539ee6fcd6ccf98fe71a1fbf4de; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=I8f69gUDuFBwttQk8tnuRFq4RrA3yQYUdZQa6aH2KOIWCU3NzIgijhyg49eREv6x; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:45 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01XDr43_17053-65195
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sat, 10 Jun 2023 12:53:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ykNl96ZcTa%2ft3VXGmqYYYw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15085902
expires: Sat, 02 Dec 2023 03:25:27 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15089784
expires: Sat, 02 Dec 2023 04:30:09 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14982072
expires: Thu, 30 Nov 2023 22:34:57 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15090666
expires: Sat, 02 Dec 2023 04:44:51 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=14982076
expires: Thu, 30 Nov 2023 22:35:01 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.32200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sat, 10 Jun 2023 12:53:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qTOvSs07SIS6rjAR8vgSYA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2049
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=%2foGxhTkJ7wVh%2f6I7QqreRQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=%2foGxhTkJ7wVh%2f6I7QqreRQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=7EED233C0CE055EBA7A9DFC74F428959~-1~YAAQVZbvUGiG252IAQAAD65epQpqqeZ+yTy3ifdgLZOv8weQiAn87e+uZUYOU4h3JlG+VH5Tndf/HoVATO2Oc5aVLICV8ZlEbqd5zMKlNsq/U23bS0Ci3cNijivcPUoOgUB0G1UX+OrpsJ9mPxelwFuMxbMAjh4FevbO6mAwdUVPxaoMmVz73ri1rXbvVudN/H9G/UiuQQ0yJ0e8HerbhuB8KoijIMIOGea+HjVurq5cmlpEAPvyQz+P6GQSKaS6SjvTaK0N0twYVvge0u9GL5QcdpJISn5Or4CYFijNp5lnMOLJywGw46sB/7pQeLzpHws1rqKOt5UjxAv78AVIGO7GMDW7Z+vdtMF0r2IB7v5Fdpai1DIu2PsfubG8lIXv~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:45 GMT; Max-Age=31536000; Secure
bm_sz=B9033B21AA0AC270DC4CFE4E7699004D~YAAQVZbvUGmG252IAQAAD65epRTBxRtjGCpdEQj/W6x9g6AAbr0Zvqiy3m09QW48QvmMvMsIqbVszPCv6DhsOoVDhXWpwD9AS2jiJ1luHPpWbotCrb3W1WwOnbWOYmoNP3mrBYNZtG6EKin7L8vecZ6sUaEDkrbmllZp5xQVTD67dKUBFcXq0g9zPIOEKNQmQ7bkxxMQBLJo7/KqXr3jtjyrWZsACxTMN8w6cRI3mqwbyhK82WJSG3K17bOfNCrQtCey6hJrIuZHWhRkBiY+BTA36pfPufNype3CPDv3D3K1I4TEwi3x~4473140~4407608; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:45 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01XDr43_17111-8382
www--wellsfargo--com--6249329d48d6c.wsipv6.com/target/offers/conversations
163.171.134.56200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10615), with no line terminators
Hash 65d2f74f05f8a3c73475cc75ed0a8974
d7cd324f74bc713b86e236c91644b036bdcfebf3
e5177df2fca2e46edad05426275114037a2db26b486aecf0b6c2a94ade741320
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2091
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-c68a3336-1c49-448e-aadf-fcaa671d1ccb' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:77; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f; Expires=Sat, 10 Jun 2023 12:54:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:54:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:54:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sat, 10 Jun 2023 12:54:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:175; Expires=Sat, 10 Jun 2023 12:54:15 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230610055345631819986; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:53:45 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=45C9A138C8D3B5920B79013FB81E7F6D; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=xJo9L1h54%2fGvZ0HRdOSnaH1ngTx+dyacgZNBAc8vzc5OVLr+uEZC4KyrleSYdWj3; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:45 GMT;Httponly; Secure
_abck=EAE21F5150CE711D614E03CDB5EE8FB2~-1~YAAQVZbvUGyG252IAQAAZK5epQoexEio6N+f+9+kQFpLVwor7S1N9pu3ahWOnOc6TF+Dhnv1V0T6Nggt+11jjRiAEnNGgQqtwKUt/aJKGGCQczJffC3ptusqhFhsFvqaxNYPIa2vSpBeSzmTavDkfaXicM/1TYZjbb4rymOIZ08kydmEemzGgfB8L2dbke6UGDHAgbgleXX3QIKEMmHgbLQ4pAZ/0W2JGqSJFoYzVUHnhkW5UTygSeBGpi1qjXQZ7ephZG+Y2gJrmC+EF+DRHf44DeaaGMURNpWpqaTNV+wmM1riuIzBefU8175fr2NigkL36/DdOqWSZ+Ex5GiZbJAF7dcoMwMqOvEvH4B6Gf2Cj4K0ECX4rxqsmG90m6Db~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:45 GMT; Max-Age=31536000; Secure
bm_sz=0A5016AEFB2CD87348DE4F8EA1F6CFAF~YAAQVZbvUG2G252IAQAAZK5epRQpmairAjfMG9UhR8fEm1faK/vUUCeyybeQQYAWtCmYkCB55D9Y3+TMruL2aF4gOE26WExonZN9PB8YeSdeefvN8GxYHGOZ19hUP1hw85rU6T1N31yceFf8RomhGEExs4bjSK5WFN8ibbBnNLaMl2awE2s6RrS3P8TfWVV6N7oPKQwXJ4vz2kEluHdUbP4XyXjUlsG6SUBzMvYSMAIb5yhqIskh2UT/WvslBJNcAwNrpgX/Co1JcM/XPwAEWRWVPUaBTkftb0t6kbHn+fInqLLPIWSh~4473140~4407608; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:45 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01cnE31_22203-29472
www--wellsfargo--com--6249329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEDtSKWIAQAAg_eQ7w7J7ezXIFOEiXBwpcjQxhU9bvVyi4rbGIs_ULDDJlIR&X-G2Q3kxs3--z=q
163.171.134.56200 OK 150 kB URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEDtSKWIAQAAg_eQ7w7J7ezXIFOEiXBwpcjQxhU9bvVyi4rbGIs_ULDDJlIR&X-G2Q3kxs3--z=q
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149722 bytes)
Hash 6bab54714f7332dc0b4d55594144fe42
5ffbfbd258c32e777ef8f6715b130f052475c255
fa9d6735bab7fe68247aadddd429999335166266b1e2be65f7256cdfdf088528
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AEDtSKWIAQAAg_eQ7w7J7ezXIFOEiXBwpcjQxhU9bvVyi4rbGIs_ULDDJlIR&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 12:53:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A1mtXqWIAQAAd_zbO0mok7p2gkfkgZm-aVma5v04sCEwh5eYyjE24En4iMjAAaOrhiucuNk0wH8AADQwAAAAAA|1|0|2417d370fa2b0c9e387eedd2e767220b7dce8687; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=RGVsl4XoAIGMXZnZqeBfH%2f3VsHVbo3t7yIzVTGBX+vZvPxz86xRsXyYQo3RStt5J; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:45 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01cnE31_22254-25263
www--wellsfargo--com--6249329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.134.56200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:0997f005-9aff-434d-9e93-4f8569a5f805|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:77; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:45 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 12:53:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=TwJzaIEsXyBO39LKH62kSfq9by0If%2fPGqNh5ii4lzAcaRccqd53L6VqOlKiTOtco; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:45 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847259_VM-ARN-01XDr43_17053-65227
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15439
expires: Sat, 10 Jun 2023 17:11:04 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=477469
expires: Fri, 16 Jun 2023 01:31:34 GMT
date: Sat, 10 Jun 2023 12:53:45 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
104.110.27.78200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=477295
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
104.110.27.78200 OK 39 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 5d115cb30ce945de0d431748aa0b6073
e1af15a87872a93c56598fe21c82c252a7c82345
8f0441ba6cd327f630ce1653262816ae3fb9abf2db73b70c50be3e66c51dfd8f
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505859-e2ce"
last-modified: Thu, 20 Apr 2023 01:30:34 GMT
server: Akamai Image Manager
content-length: 39415
content-type: image/avif
cache-control: private, no-transform, max-age=477417
expires: Fri, 16 Jun 2023 01:30:43 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
104.110.27.78200 OK 25 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash bf978a151ba3f10a7412e8cd5fbdb863
2af8e9c16c4f1e96ba1e86beee63521c802c2cce
ac555d446e447b4c8cf2bf2dd377d53c3b21faf83da3259dc8839c782eba1d9e
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6350580a-d82f"
last-modified: Thu, 20 Apr 2023 01:30:23 GMT
server: Akamai Image Manager
x-serial: 1019
x-check-cacheable: YES
content-length: 24880
content-type: image/avif
cache-control: private, no-transform, max-age=324835
expires: Wed, 14 Jun 2023 07:07:41 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=435756
expires: Thu, 15 Jun 2023 13:56:22 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=477341
expires: Fri, 16 Jun 2023 01:29:27 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
104.110.27.78200 OK 2.3 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 3ce78d6dc48322da6961f79a42940dab
528dce02a84b67925d3e41632eaa418f0de7ad23
a137906477e02c4e3a756f805d90072a0c2e5c0d50290f0932de573ab29de76f
GET /assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "641a0e62-1da30"
last-modified: Thu, 20 Apr 2023 01:31:14 GMT
server: Akamai Image Manager
content-length: 2317
content-type: image/avif
cache-control: private, no-transform, max-age=327982
expires: Wed, 14 Jun 2023 08:00:08 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=477424
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
104.110.27.78200 OK 13 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7d601c2b059838fc333feb0e3e020fe1
f57bc430ce2a2b0c146e8d573569367c6bf75bc3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c53-e73f"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 13330
content-type: image/avif
cache-control: private, no-transform, max-age=477378
expires: Fri, 16 Jun 2023 01:30:04 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=477420
expires: Fri, 16 Jun 2023 01:30:46 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=477608
expires: Fri, 16 Jun 2023 01:33:54 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=477723
expires: Fri, 16 Jun 2023 01:35:49 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=477436
expires: Fri, 16 Jun 2023 01:31:02 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2212
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:1$_ss:1$_st:1686403425033$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 12:53:46 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=y310FiBNSf8fhDlyQk2n2Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=y310FiBNSf8fhDlyQk2n2Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=B7FB6068CD77317C26E596B2B7F8991F~-1~YAAQVZbvUIGG252IAQAAc7FepQqJLZ5WgMn75wYwrJ+IePYV+C8tHuj8kSGIpB0QaUOseE6t5R5TWkJDGDeFD5SXxFuFgii7wHEG8vrkiH8n4YmAlD/m7z1RH0qWZ/IME9P6T4Vq22/2yediAP65Ej6Q9S1SXObRMlHmPHGlvzUWvf52Q34KlSm83+lX6fgmiBMl4UIXh8Vm0Lg9FMxsiE2Oe7mUe+4EKlapo2B3WUNCEWNXG92Ks8OOQFk9qDbAfuzBqJqPIuu6NtCvBB/IHwLpVLQJJQslNLi77GPBZTZQHZ+GdzJjBeKgRLRnwCCx9HXkxTJVZwTwexZEw5bLKeF7QbqyjHPVT9eKtMpy2dGXkkffRmE0wqJLKm70WY1Y~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:46 GMT; Max-Age=31536000; Secure
bm_sz=5FFA8E88F23531F224ED870D96B02B87~YAAQVZbvUIKG252IAQAAc7FepRSVPFzntAQT2hao4oErUYfYaCiyaET5auQotVhc+Ppyw9UMwcqL+tdzDrfKG9zgJOsxxMN7NcMDiPo78M3EOT8TMLjlm8BKu8e5j3QIHwRTwU02M40MKKxv6ffrjP7cysNswL1ZDESwVA+YXMxPYBQOLb4CN8jn0qXLfqN92MrsCOmGFwfm0K/ErI1bIcE2Srd/Z3X/KY5EoGwMsJf4hJb9qfZGxqFjJ/wuy5AXHjrSpIF+blV5+uskSgmBx5iJpaS2VgfaIULNztr3PKuvHU4x7moo~4273713~3228209; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:46 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725a_VM-ARN-01XDr43_17053-65257
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=372213
expires: Wed, 14 Jun 2023 20:17:19 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=477298
expires: Fri, 16 Jun 2023 01:28:44 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=477424
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=477300
expires: Fri, 16 Jun 2023 01:28:46 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=477581
expires: Fri, 16 Jun 2023 01:33:27 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=477318
expires: Fri, 16 Jun 2023 01:29:04 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=477266
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Sat, 10 Jun 2023 12:53:46 GMT
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.32200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sat, 10 Jun 2023 12:53:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=dAh+TFFXy6LSSx554CcoIg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:53:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=fBQZtAgVJYMPWIUnUUSu0A%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.34200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sat, 10 Jun 2023 12:53:46 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=6+T5HfO2Qi%2f7Gi7DZtCC0KgN0wN67UyBXdf3tLwRaz1VRkSlchW2cndga6us6PvP; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 10 Jun 2023 12:53:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nxIDqYyn93VVZ082gRLlUg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.34200 OK 150 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149496 bytes)
Hash e9195aa7983707e8faa34f1e738008a0
b266fa4816622e6c9e737efffba44db76cf7793b
ce0375dd6f5bb0ff9ed4a37dd37e76901f658a0aea0e819caf5203dc8864a0bc
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 10 Jun 2023 12:53:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A_yxXqWIAQAA-qhoi9wkoTlEcnurc3F9tkPkNeI_rIa6pdUqgnhaPMZYolR9AVtaKpqcuNk0wH8AADQwAAAAAA|1|0|3d5105665fc8592029d66a7868645df35cf4b9f2; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=G54vGQydhtA2tMHhCYD8DpwzpxUAqP6I3uQlAUP1oSOHgaIOMFOVbKTSVUVy8M8m; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.134.56200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 46a7b7c2435dcf6dd99f4b339c778b72
1538dcf5c9917564521f70b0dff39702ef373e27
2fcf11cdabbb846eeb9cc221a798fb90be5c03955b1a38f1209b66caf0cd2f93
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------13576537952009888748896681547
Content-Length: 169
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:1$_ss:1$_st:1686403425033$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:46 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tCpn6Fq2k%2f63BeHX+X0lOa0ac2WLTDYAaVnviNuHV1kRTKVZst9mYZlLJ4AQ30vI; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:46 GMT;Httponly; Secure
_abck=3F5DB10276E035442C285EC84AC6BB4E~-1~YAAQVZbvUJKG252IAQAAArNepQp1x0rijKi8xZ7NLkS4nOFktALZtm8ihrcgh5Aog+f3efygbttfmVXJf0hh9h9ZvJSvRijzVjuXdI/0B2ucElNFSHgDC/IMPz76eZBcXa8B1i4CXhlhGv7UnZ2h79WtB2kHm62bDXh5AnO5uRgoNqW2suw4yfgp54dshDsMKm90cpk+36fOMD0yKTorHSQfrIXDQdMy7Y8X8WJcyKdC3SHUZ1jbYVwgfOjOM1kLZyItCpow2S2ytPXwlNLQ9zW1sxhGbCPttnVnQwguUZighY7Ekey9j+VoOQmTDVdon9w3Gqs4yzdYwSAsYww3r8TgLvIvRl6N6Ueji1m2MfFpgIjWZThPdiyHOWDFMmFY~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:46 GMT; Max-Age=31536000; Secure
bm_sz=B175B5FC71EAFC847F695DB31EFCD16D~YAAQVZbvUJOG252IAQAAA7NepRRmMu/jxV8xfOKJp0Fe+UHuB1ppXULejev3DSKPyl9Fm3Ep6uU2xwH9/9x9jRhyNbVUPbhR8dMUvOkCXEm9AlQmt7fwda3XJMO/EBmvKhYbZVj2vdk2bBPEyZIAnAO/dWqg5LChQDEhpFw1UeLRSNj4WGnRLaf/vZeIeJCqUA+ZM2/+A4hKD7hXm/S9xTk7pslR71A3V/JwS7FK7xxlP+Hj19/+cGsh+Uqt1zdr1cQpXYb7YSDqRwgVNE+BU6Y1RG33UaxCtS8Prkx2PvrpofZznLVL~4273713~3228209; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:46 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725a_VM-ARN-01XDr43_17053-65264
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
23.36.79.24200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:53:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xBBNpXkqDcKe5OCRVCHo2A%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
23.36.79.24200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:53:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=kED+fD8douHrI4N5+iBkVQ%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ADRUM: isAjax:true
Content-Type: text/plain;charset=UTF-8
Content-Length: 2618
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6fmBy2eRyhzXqFTmAxvzrw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=6fmBy2eRyhzXqFTmAxvzrw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=F159678A602225C3F2F611DD05A899D1~-1~YAAQVZbvUJiG252IAQAAj7NepQp+BZFAoeJYJCgkiAYJVhq8FDgPHtatS+StCQ6iIsdD5tXXFrnebTmHvai6qq0cGjHTH+EHE5f/fFajXasIkcco6DWY/fS2ey7CpCrkCLOiQd69hgMU3Ym52+EabVRCC0lBo0yOsGSGVAiAABkjvMichZfZULvZEEYWqflN9zesuGWEA3IKAOcp3afz6D0fV9WIY4gqheAsRoFJlq2jPHSzqdbf96D06IukeF5DNcdJyeJ/bCVBjkpuRXA3zV5mos2e2fARko1es5cjajpwMy+RpozbuLkcnUz7TkMCGvsBx1iUrFUZM2jl2wCfybm+zD27MPQPdnyK7MwuS//gWseLdv7PDE+uRgdUkw/x~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Max-Age=31536000; Secure
bm_sz=2AB064E61D7F363D30F2484EA210BCB4~YAAQVZbvUJmG252IAQAAj7NepRQv1y0vp2/YD9Az3gMnbciUQ4rz88IqsxpRYIaVR72wVyeDXcCO5r4WKnTtFOwobQMby7wuYKM54u2/c3qo5vRKReV5o8TkuXFuaxLhdoLl9MdbXLDJZAPc6jBIFiQLydKjbp1xvItkLdE91gxmKEghbK2Oy9SHEu+h57ofPqDXHy+fi0n0xZAfQy+KIaC/5Nqkgls0lurVN+ExlxSmkp0eAAus2f/u51deoYVJmYtHeV689Re5Y3XxFChS/1NgLP1lp6S4tJlVAdjHs7l1qWko7VDk~3486514~3356726; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:47 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17053-65271
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
23.36.79.34200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=TlNwgVYu3NsGcqFsNrsnCvAOEWOGz7H7v5mmH6vIuzrbnFZ1wDfzb+4rNi2M9bFw; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:46 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.34200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=7BskeFGliNxE%2fn0bxhfYwDi440SzswvProfSlZ6hD+P+1EIdZxvAlGFZz3MdAC%2fL; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=3ok01oKdsPx2HsOn031beg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Px+60TMdi1bzXgI3oYzj+Q%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=g8Ll2TJHLgetCflK2bhGPw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=yua+R3AkVB6OTSdZPfkZgA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.39153396626156356
23.36.79.34204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.39153396626156356
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/mint.js?dt=login&r=0.39153396626156356 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=+xoLIGVAmZ2w6cHWYfYWsmcJ5sjinFk7sukNyO24dGKFegaVKDgDHTKQvH2ag0jM; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.34204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=5aXPkY+v4C2MPcFfy8AafMpwzSPxd0%2fDEYGUhYEGozkjhJoLPZofhnE0NBXh2TF6; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626732&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626732&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626732&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=EXc2EUOf6m7GF1LpmOCj1eZZO3nON6RKRokvNjQMLeOec1rWk3Flkf9vC8SkxWiI; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17053-65276
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.32200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RTwXW4qFzgc%2fGMp+wZkO8A%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2%3A0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pv=2&f_cls_s=true
23.36.79.9200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2%3A0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash f980af691167086047659814849a8f1a
1c9d5b181a8edff5033b85c6f7c8fef2270e03aa
45a0a76256982e829aad4980b82b52cdbd18c0ee73f0a855d788321d6df1e0aa
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2%3A0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=61b48273-7be7-4abc-80e3-dea69f159608; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!eATzOze+ayDZGgrpnNE5eVRfS7HzYz9rlM1srAFlBXD2glECLqAn2DtSYSCHbga9LUyLC5BZqWmP0g==; path=/; Httponly; Secure
DCID=vN2xaCXfXkVNlaP1IJ5QLLpYfvcSxAWlJ%2ft58i2oMvRHsxC2DsHP1UB5i4Z8VFCP; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash 527b7b084e6b2383df7abe5e4c99e611
5e7e06a2fb194a742c810362a6ba8dc263a23a47
07d941ec258c0315997d00620e641c7e9d2f8793e76b405cb738606fdbfa6bdc
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-bcf43b79-3747-43a4-93a0-93fb3eb91351' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:175; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:d635c449-3a23-4213-b5b3-1a7b158ae7b6; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:d635c449-3a23-4213-b5b3-1a7b158ae7b6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:56; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=0AE54402A88DB0BA6C8D7E39C55C2C2A; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306100553471600956843; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:53:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!xpKZsM2LUPqfrIgMntjHYqEj2JIOPBgAxEhkhGtP29DuTo+c6G/ftyG2KyrZQCZsAtJaq2VZtH53n90=; path=/; Httponly; Secure
DCID=5dTgi+PxNuDx2GV8xPZqedeMo6QXKwfoxSzRg26uxJStxCtpOQ95+jvXeR6iAbNU; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
_abck=88285A19A00D08A7FC33B1A55982C5C7~-1~YAAQTpbvULZjTpqIAQAAQbZepQounJ+TVHYJyAFN5fpG3CP8xbRnr3H1WrJTJWkQn9BCl1qR+apW0vRGq72HYrTjXGE6X1psADkcOsSxZ2578VlZgzj4Qgs7Y0Wh8hCkgZ+X3VOrvy2EKf6CwIfWNJKwF/bfMfH1MI7Rojf0SDkymQDjo4ee1ggz1BgHpw1OLeI2Nf/xWg60nFfuIuMnBNuIsj4We9At6e/8SvCsF3KQGmj9Pr8kwkmYpc/rp80bg9p+VhkHcj0sTY3C4cVYCnfOhjqBXzAoAlElawhLQ0KY0ciMUu1TbYsdFf0XX/KAQfFjUif4tCN25vsxo1BrpcJ9KhQBXzHxdiKLv8VlibLdRNqFDHSTL6YAaLCQTd3p~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Max-Age=31536000; Secure
bm_sz=E74C3742C148A9DC170F0059BA3B1674~YAAQTpbvULdjTpqIAQAAQbZepRQxFEN7u4t9fsg/GHvRbey0RyYT4OvlGnD+4T5nubC1XGzT7cBoMn+G3Qpai0LbKkR3PBJ7pQ3HHsur3uX961ZB50tjtfVkyrY5Vh9/gfxIhfpm0O169qdtOQW+paQexJFZJRSnN4QQv5W7L/XdR6P8agTkaVx6JTU8c8FCKTOUuLmfzwmQONn67X8/re43uo3JYOtJLS6YiTCoczBKMvnbj5eJDuap7rvy9pbq5j34teRFVeXBZuWsySCWZiz9nb3xXxBzCJP+cll8jKSeTtoxPajG~3486514~3356726; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:47 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01cnE31_22203-29500
www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 971 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash 5d86d412231a95aa283e5987c4756d15
1984eec4246b50264fb2894526f4f5773f78469b
6ed7a0c8ff1d73d867058fc7296a818c7c88fb94d4e66be7919852fa65e6097a
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 971
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-62965885-a7eb-47f3-a6e3-6ddd1cdacdb4' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:175; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:4c4cc27b-c579-4f57-8ad5-89ea5a4edb5a; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:4c4cc27b-c579-4f57-8ad5-89ea5a4edb5a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:68; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=8CE010929B28CBDC35B53788F8AAA6B9; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230610055347552959734; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:53:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!QfNGMCYAlkLeN9oMntjHYqEj2JIOPOtn/MJvH4JnprfO9eN3hsgg3OGCYGnrmzbcXThYTncrorbFDrE=; path=/; Httponly; Secure
DCID=PUTBoTdIhwlv48lRu90QPEW+1I7eiUZC5Cx1Z3dc47aIQNxCVew3FWFoDNLLnz3I; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
_abck=103B5B6DD2F0FF9514EBF6EAD558C7D0~-1~YAAQVZbvUK6G252IAQAAW7ZepQpqNg0C0QR2CZ2vzDgYLn9shOmOlrl3xxLy1MCwp855ZMKYfdJLNXBXPDq1C7MIrGuJboLw39qSIhmcZ1fOh1aO2ELj9Ob0HlO0SmKRD/mEtVeTV8sDXt1TO043uhZNBMQNlkNJggedjUlSzQJO9xl3ojDNg5yZcS6K9PYVxUtOgb5fGZOphbDmc/wPOeH+3UQO6SNXqHUVf33m0keRx45hl/xfEGL7jeyKYF7OiMSrG42aWSH5ZBIrsZ70GKKvzqZr1zq2L5/eRbPlL2RCRdWC+of/yu2C51IMVNbdzj+lnA7xflwg7nbaOTwlEDZAvlscGVwgafCKfmKpyBRBn1Awa0gLVtOixH704Oym~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Max-Age=31536000; Secure
bm_sz=8682E238EC3936D53D2AB49AF878E830~YAAQVZbvUK+G252IAQAAW7ZepRQ6JsXerWiz6pdPgeQD56RNVJI/tTDzDKfpBeeiKi5nAXvJ0XFR6xQr1LnLtRG3VwOBiYyOkUlXMFVhrfUrZdif+OGGc8OKMpdH62mJJIfgojB4eRiJOI8QY6Ujd0kUqRmp23g2IcHa/F0qUpvq+oAwe1FUhoHCP/SCRxfRSiJghB/Hvvs4quarVaQcY1k/9fB00PAmx1/PDzUH7/vIausqc7c4K8S4X+62vLUub4XCUDmCm1/IJi+SKCh8MZbm3UTficbrEfFw0EnSCX+rcdax/buv~3486514~3356726; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:47 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17111-8392
www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 972 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2442), with no line terminators
Hash de601da3c99d3dd2f7df401af2b817f4
f291ed7bda862ee09a9f4358a6b69aa0d40d8f09
f1fdd4fc908bd6b7f32dd75f053b12a939ac6b5d3e59cf12be590cab79ec46f9
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 972
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-7dec485c-eb39-4ea0-8fcc-6d338d2c2971' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:175; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:c38ba3e4-eec0-46f0-ba53-2e5c4b4be4ae; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:c38ba3e4-eec0-46f0-ba53-2e5c4b4be4ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:66; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=95E3B87B86F4E41BF4FC2F0393C379BA; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306100553471846342111; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:53:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!7xu7crRrgipEXarz2xKqB3cO2dndHkqIB9kwbCXeMkj+4XBqZM2hjKs2c2fj3qyyo67miWQmCXPcr98=; path=/; Httponly; Secure
DCID=W3ZepMleDv16VthPhhTRvRWeHrPnBKFaQOpx1R0FZnl6BXo3RCt5F+i1jj0mLobm; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
_abck=AFFB0012E28A4F6B6289EDC24C109EDB~-1~YAAQVZbvULGG252IAQAAc7ZepQqu0WUgttvMxsOdWiAQ4Do6x1okvAlvhfJyq1okE1otRm9elZ2KJ0x3tX/60eu/fC+fxhDPeGvIueq/8bWJ9MM+MBxw7ex8wrYe1m6PGhMn6ulq7t50RWG7e+s/urHlbVQCF7L5OTLVFD4ye7rfFfl2MzxNAYV3dSESjSTqXOyLEFRkI3XTYNtV+g+RWl1oYhLvvYhFp9oF1bWQNScc4W7vONlCNSEwZMXKcNppVaMBk7LRWqB26w9oJFdjgL2VDdvwg6CGuD31CW01SE5Fz2Pi2dq7TEyUJOafkfKOpQi9pLiaBhTRptdz9DFGYRW2WQgPIpvJAfpv4Kwj/BP59Rz1JS6JNbDKmJk3IjIk~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Max-Age=31536000; Secure
bm_sz=476B85F20A9B4CCB8920A4169E1B1956~YAAQVZbvULKG252IAQAAc7ZepRQCdImr/kRb2bwicUzNV9YoeumjL4WWpGqnZ/Vtr92VKa51mIHf46IguWjsIYewjVaEl76N8YUJv43b5SkV4Xef6ktvSE86g4O+aROPIHTwyzG6kENWiwFIlchrBslKYLQznzDiLuoBozAvaN7yjikq2nsIM5ogi3MryxjVkbrisQUvhylZrFVfQj0wcPjKqq06VoHVkiKGN1whaA3JAph12GWsPfSLxhuHU0Bhh0ROK6VvWsitV7/MbsjM191YOoWQ5KK2JCbtxi49fXrKs3oHenh1~3486514~3356726; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:47 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01cnE31_22254-25292
www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2437), with no line terminators
Hash 4df9f870d480b36615d492495ddb0aea
c0a8bc0854a8c8489ec99b70548b95f3c1c099e5
6553fe70876f28bafdcbccc741146e72d594af85815610f9f5c052e7b02f9484
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-48958dd3-32bd-4045-b354-971c9e23bb91' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:175; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:bf484a3c-22b4-4e20-9d2a-b62863120d4f; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:bf484a3c-22b4-4e20-9d2a-b62863120d4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:64; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=5A0A5FB8EFC60092F6FEA1B5972F7464; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306100553471248308244; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 12:53:47 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!Q6hdlx+5cnp3D3/z2xKqB3cO2dndHupdpeN77FsZjOn4VwYIy2Aqq+1bZ+ceGPL6w0G7qpQQXdiuTX8=; path=/; Httponly; Secure
DCID=Bix69892ledhVwOznXh4dPwuVTifOTuV6FvgIKzeOq%2fHgsjn9qlaXP3S6drJIlvo; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
_abck=A2D0A26565501C9FEB7103A6A12850B7~-1~YAAQTpbvULhjTpqIAQAAl7ZepQoJmJw7fONPb7SrJN+FjYeqyjrbqtkI2APaSpJ/stFkdYDRmMBYrerYm3mhjau47qtvD76j1MrD4J0cP5AFveJHUIZqv4E0JiuCZRciLG5TUPUHf+j/2J48E8G7iLRgpvWw6mpXpKNKnjSegTnfkS04ETRtTSo9tyidnbX7KQynQWlSHRRr/j1YdCoP4YExbH9X/9eanBjFU3dH+L+Q693urfIoJxdoLsDaLj/kQGw8x5cf0H/wopeva4NXwylGuvxMrz3AF2IW6cPvWe5631JWsMq2ico8l9gDK24Y6yekYbjwF0QTkovdsiYNFN2dZ/k5HS5uibNNpwPwBp4DGhc7WexKq99h81b9uNUP~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:47 GMT; Max-Age=31536000; Secure
bm_sz=0788615CB71A6FA015189C5E715BB1A2~YAAQTpbvULljTpqIAQAAl7ZepRT6XnIkEb7+5AscuAGmnlSJzEjt92+ipsd68TcrbnF6uAOhbuwi8+f5EPvAq4S7PTndKntLUrQrFei6VVl4lImWwIdb1r0iAs6BL19JAw9pov4eFiqdnAF/Q1DmyuP/WoPMAshV9XoZ1Go/iqchJIcHHfBXsLi01u+SSGfaDAjiRHn56jz/QWGLDjnDTOEI1kgGrv5z6RK+T9ig3MathxM7wBPh/WUOOqDAI4hWQz9KNPkxy9RVWRxQNm7SA8FV1j1JajXmPL4q3Bx8fvEBKdsjiCjT~3486514~3356726; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:47 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17053-65280
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626913&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626913&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626913&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=fYZ%2f6Q+eXtUqL7gy%2fZO1Vo1q3nAF99tKxUEOb3r9IMUM4Pj8dDk1AJTAfk3Tta7L; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01cnE31_22203-29501
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.32200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=LQzxHcwWLWodGz+kaiTwSw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.32200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=YTIhZJnk6To84aXh6nrznQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626917&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626917&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626917&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ADDObi5RVzGCK2UQOT62e1PNgsbvJyfPlLP4xADSb8rX52J+X46trWHbWiOaqmCi; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17053-65281
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.20416142335870746
23.36.79.24204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.20416142335870746
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /PIDO/pic.js?r=0.20416142335870746 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=xnAEnXc2bq5iic51Lv4%2f+aPRuFa8R7OLI4Ea1jrIR6o%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626927&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626927&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626927&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=XK9CZvzdAVFI+t59934b8Ube5nEzDJRmpCe5saaw4F42ddffv5QDJv69bHJdxW9k; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17111-8394
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626922&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626922&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626922&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=vUFSAY6AM%2fBvsJ7HCaDiLgUwtTGYHKQmK+zEvn3B6skePym8KV%2f8wTVi9VDCQCvP; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01cnE31_22203-29502
ort.wellsfargo.com/securereporting/reporting/v1/csp
95.101.10.185 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 95.101.10.185:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3358
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 84961abf-30e0-41ea-550a-0caa0445228a
X-Xss-Protection: 1; mode=block
Date: Sat, 10 Jun 2023 12:53:48 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:476e2a6c-c549-41ba-a1ad-e3de6bd6b4a5; Max-Age=30; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:476e2a6c-c549-41ba-a1ad-e3de6bd6b4a5|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2; Max-Age=30; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2|d:2; Max-Age=30; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
DCID=0XDQSl%2fhseM6bgNPpS8ZgfAqfgEzzilfngwx812dinA%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
_abck=E0A2CF91E30B27F631AB1C7D6FE09A62~-1~YAAQtQplXy/7D6GIAQAAirdepQpnLqIdlMNTdOYcK5OE8k7heJVsQhT6gtKdUdn/uUjeyRnDbQk0Gas+9slOvD7dw6wsxtNqHHh212/TsCoXc8UOSkyRGrge8QtlBJaWYEoX6PsKqvY4+wYW6nbS6rv3YGDZbF+Fi/4Kox0WJU1yI6RdVJQ0DMQowLvIJkmAFklH80W1LY8hG3xP1lqzhZya+2KYFrHaR/jXOIwymuSGLb+pr9nhEXlqANnWHcccwmupniyCYED0Nv4pQKmwfN9mDKer6a8sf1BOzhU34FBKU+ihg0gthAbSp6JnUyjnXqExDP4hTNIObcZA9QthJFFi3QPy1iV7QmqMOFJDS4GRQKIvHs5Z20AMKl0IA1NG~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:48 GMT; Max-Age=31536000; Secure
bm_sz=B8CFE97A9D45FDD627B6ECD09352CC8C~YAAQtQplXzD7D6GIAQAAirdepRQdOdcYKWhFH6F8e4U8oAdkClm4C5e8n6O4h5/30tCl4Hy/n9Ut3DAOGRdXo+p3GQNi6U2tBzwPeWAEtvughyDj+68SjOffdcCI4QTF62RDgeYraVnrVwMHnV68D+pXeViBg2cf5DHuI6zVTMy5LYCX2jONUXiM1RTgUzpVk31e5aMhue9LDBUroK7HhDIsA6s+MtNUVLbRDyYkrz8YT2R0u1xSZUJDULX7upfkml/AVxiYQVyxlPMINcCH0YrAanNlJ5ZNo9U98AyeK0ymtMb3i57H~4473653~4473908; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:47 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626933&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626933&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626933&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Q2b2pNC89wnG1rGC6ULenniD0ny6WMMF2h2ZhsKg2pXA662eGxHz%2fpkFsS8E8cs3; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17053-65283
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626930&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626930&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626930&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=NQy2LDYiedrrK2LtKMLI9dj2f+5iQwHk77FMnzrlj861OHvXJDovPGQZIS%2fbgXPv; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01cnE31_22254-25294
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626936&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626936&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626936&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:47 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=dkmBLwok2FfcDS3NRM5GUYVTyRkjHSxmt5M0p8IdCqjFT60BqB5LSCCmt9VDSN4U; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01cnE31_22203-29503
connect.secure.wellsfargo.com/jenny/nd
23.36.79.34200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash 09db06635b5109a65c2185e27857932f
38195b9525ffb672088061dbb53f105a94a3f7fa
b10c5fb8fa8b0a2655f18977ab811df0a1328aa803fb87dd7a62a7ca3f83cb47
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17921
Date: Sat, 10 Jun 2023 12:53:48 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:7d885f38-02a6-4d05-82c2-2c4b8d21f1ca; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:7d885f38-02a6-4d05-82c2-2c4b8d21f1ca|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sat, 10 Jun 2023 12:54:17 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=l8Ae0rj4nMF96y2N5YP7EKV2v4NTpm6aWFhu21NwlPp4dzz7mXtrqZkWxG4ngoTX; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
_abck=0129D4683AFABA560EA0B634DBA26CF4~-1~YAAQHk8kFxYMpJ6IAQAAI7hepQpUnnTeAR3XvEV1+63UeQfPOHwMHtUzMD4WhzG3dSnijR9aNMlB72ys7BdxeHXtqTvaDUcFuMYLcVbddS79fCpvcSkWqkGvMr48E43U29f9MfdmbqC2mp2xolP00GflEgzwmcUyTny3JeA/cX9FBhhkp3Q6bgo2piDGTdF7tzIotdp2YNs+Bnk+/CQH5dWqmskJbFrDIM/pe7s2sbI0Gn0RcO3K4xfrsRbVEIaEnAZZZDj7rzHbrh2gkQNwbhBjqEgeraJC0JNhMnWNZ3Fqxh260B4T7cUNof3kiZnS28g8Q/tH+zZ/2uGGUdko7LKNYY+Tpha92wUKSkUlcA4nOrMVniOay8ShyofXiFEZ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:48 GMT; Max-Age=31536000; Secure
bm_sz=1CE78F13F49FA2606FC564D4FCFF279F~YAAQHk8kFxcMpJ6IAQAAI7hepRQj/cQ2TysqL7AyOpnzb3bniNEOXC7L1qKrs/TPuBXg03wCswq4o0I8VFZmm7R+lZp3CUIBoMKwzwXyi9KNNZSNcuAIwqKFNnrqpupODR8XX4UYyfS+lQmnTUVzyuVJ6xyOcUmdfsNw0M0SrWSKfdZ881xac94A/qQ9rkNvIPnORo2+9mqFxp8jkvIirrLt28/Grx7vkhylpB+iW8vTCh72VX9JEd0hHyhO8/5H2lnGmuHCTR0G9lX2+sgIElsKQYZ0wuXsNYJfnt/Q2FZiR+bL0V0w~4600134~3621425; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:47 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626939&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626939&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626939&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=09sc4znlXEhLd0S2+0Uz5gTzl9SjFbHPceVyusugt4vBUhlO68iMZsJ%2fu1fOjN4c; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17053-65284
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626942&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626942&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626942&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=7Lp6jtl2ECv1CByofNW7y8SaOwChwcZICEK6mOozKfII8GrV9+S3wnpvZ%2fEJO8XR; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725b_VM-ARN-01XDr43_17111-8396
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626948&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626948&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626948&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=H7WzhtGvWg8+sW%2fMTAN0wsJvYIdDAtXlTIShgg0R%2fj4E6Vea6FNiWEMr+DHMkCwT; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725c_VM-ARN-01XDr43_17053-65285
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626945&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626945&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626945&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=NeM3Hh5BhARvFdn8kDsjM+72FSFahhKjQ7Lyl0akl1MGOeT60d5jioQ3vwXzoODR; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725c_VM-ARN-01cnE31_22203-29505
www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626951&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626951&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6249329d48d6c.wsipv6.com%2F&cb=1686401626951&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:785b8e61-67d4-4b62-a320-5d0d76489d1f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:175; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 12:53:48 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ZHId45jTlDIW6L3bPfCBdHuNnHbTmz6gXzPw0pn8MS+3B0%2fdEWQcICh2GdxCtidp; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725c_VM-ARN-01cnE31_22254-25295
www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.134.56200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ba58fb06832c7dd01f0720a73be30604
9fdf55bd69db3815362804eb116331ea501779c1
b6ffdbdb51e06f91d7e9a221aeacef041e2eda3a4f2ff2bfda1c7436e86cf29a
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2050
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0; _gcl_au=1.1.649785993.1686401627; ISD_WCM_COOKIE=!Q6hdlx+5cnp3D3/z2xKqB3cO2dndHupdpeN77FsZjOn4VwYIy2Aqq+1bZ+ceGPL6w0G7qpQQXdiuTX8=; ADRUM_BTa=R:27|g:bf484a3c-22b4-4e20-9d2a-b62863120d4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:64; _ga=GA1.2.903956499.1686401627; _gid=GA1.2.1037925654.1686401627; _gat_gtag_UA_107148943_1=1; ndsid=ndsal4s1arelpnlipzzjxa
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4YwgOFwXELuhtW6ZpG1eR30mnkTa3S%2f2trgtLRSEpmA8WSdwhpY72n6o8v0H92TA; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:48 GMT;Httponly; Secure
_abck=35BD06A126A0D4D3F1FEB155C2DFA767~-1~YAAQVZbvUNuG252IAQAA1btepQrUZhI7Zc5OmfObuEUpi5L9gB6n9TBJd1kTQxRgSPLigPna/Dm49tyOkx5ZoA9/fQhrizyHw+/j0JIERgewykI63JTzktUalMExzn2ZxhR4IbzMpmdCuPTO15kyoJkF1M3AK7u/rA4sv/GNDsaB0oVapqQ+hpzNeh358tXEfxb4HB+tkQMHCHBloifBIYfdlo33ibWa8tDi1dGdhhtbw2TqsEm42msk5Z3HPvJmceA4D0FVPPJB1iqGi5/r/AnWJvvIQ9f26cWQ34Ktn99hPzPWaFt2gvC/82YwK+ua5tvh6K45QdBdc2LpavO9hAKN4MHMw19y+ELlF0Shnk60pO8xVDXp0wUV9B5rTTOr~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:49 GMT; Max-Age=31536000; Secure
bm_sz=A9570A179D9531356A23422880BB3AC4~YAAQVZbvUNyG252IAQAA1btepRTA6KTaVNvnQGtMC5+mBSrSaZtTr1NWCdLcI4trzwn53t+AThoetpCEHsYti8rLxzvKAI/3mg5bMdrVRK2fQMol7d9KKnTgl45bI3yTsR2CYtVGL+rs3mewYpR4pMnLZfQBoD9Gm+llRCMSDjeZSNZeNaViyyDfqTnXSN3VowoyGGqmckfVOVsENCyNmPzrTucH7oy1w3zfZILVdGVRfyb4BBBMZJ3+tfD1PPodzbQ7QM+UU4Mdh0ZEc0J8WjDsuuHAywFAwWVhiTsFzJEPnuPUtIIf~3228225~4342071; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:48 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725c_VM-ARN-01XDr43_17053-65293
www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.134.56200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 8cdb15bbb05b1e0065787472483b995b
ae00cddbdbb420d5e51cca316da4d1fe2262cc7a
4d0287b677da930722de61cfa6a19cb1633562dedf426cdac2f3c7d1eeefd2a8
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 852
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8%22%2C%22diA%22%3A%22AV1yhGQAAAAANJAtaNj6O1hqgOng0y5x%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0; _gcl_au=1.1.649785993.1686401627; ISD_WCM_COOKIE=!Q6hdlx+5cnp3D3/z2xKqB3cO2dndHupdpeN77FsZjOn4VwYIy2Aqq+1bZ+ceGPL6w0G7qpQQXdiuTX8=; ADRUM_BTa=R:27|g:bf484a3c-22b4-4e20-9d2a-b62863120d4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:64; _ga=GA1.2.903956499.1686401627; _gid=GA1.2.1037925654.1686401627; _gat_gtag_UA_107148943_1=1; ndsid=ndsal4s1arelpnlipzzjxa; _imp_di_pc_=AV1yhGQAAAAANJAtaNj6O1hqgOng0y5x
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:49 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=l6W12TQEWCU363QnjtF4ddMeVXYEEM7x4Si2L+aGHpvmf2hRPdLcpKpjy+vDF0GJ; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:49 GMT;Httponly; Secure
_abck=EA9499A610C11AA5EF364C4F1BCAB2E3~-1~YAAQVZbvUPiG252IAQAAW75epQqJQ2UQ3JGY+tLGZn8Aro/27ZaHqWOQHLyFYGLZQDfM+r/p62/TZCF01uVyZpZqrXtfdxJj2v1NBrzuwoh/UXSaHg6Vk0pYfUlQDgXpo80x7ZwI/GRGX8Km6GeFPEFtDQmFyUYsKCAnXe/G/5zWqWf54Pmux+Cwu2iEmUctC44pezXpsTCM8oUVRmP5SnO3tWXish7cJ4ZOgP7EHcI6PbfJScB4ds8cbIiZT/tCo74b8s36ZTd8RF59QKzNzP09GkDcxvP9fjqLepptXbtwTvDPdYchFXGuyucnSh88BolsXnZ3qATsoZX2mGAa9jQRMXkzz2J163IEjGel5O34wGAgjF5PjF8On0XqtV6A~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:49 GMT; Max-Age=31536000; Secure
bm_sz=927250341E39F0E7683B02DC715B8187~YAAQVZbvUPmG252IAQAAW75epRR8ocbEIcYvaH9LS3Sc2SuNYSVndiILgY99EsTbBdWuIMQt0fegC8vhhjR8+/SizSCuVyvJCT6gAndgwJpBwE4Xne0MNfhe9JXyK46HvrAWY2I1rfVrykz8ssD+LfCoFXanIoO+oGIFrbHGCGCLYVLNFDjTGFuidzIEUMbycB/t9rqK9PrMes1zjaL7B1G+tvsN5X9vASd/ui/T5pZkrSeBEgyegfowQamuBhTgzaa2kyBFpjpoFeVN3AqCyzr1nN2G5gAZhoNXnHWbSF6Hlmx7REBr~3752496~3163445; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:49 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484725d_VM-ARN-01XDr43_17053-65297
www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.134.56200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--6249329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--6249329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!8XU2P81BRu5JVcwv/BdPMOHVwv+ySf39X/GLHnJsc80nhMJuoLkB/Ozj0GjxRp4CIH2FUL2fc5STwxs=; utag_main=v_id:0188a55eabc8001fb090a649007205046003700900918$_sn:1$_se:2$_ss:0$_st:1686403426348$ses_id:1686401625033%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C30894452202767540030495448787463619743%7CMCOPTOUT-1686408826s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ0IYYFskizF8CmqsybRuJ1nONy89TnZlV0u%2BjScnIQ%3D%22%2C%22c%22%3A%22VFZNcUt1UmExMVhHV2I5VA%3D%3Dsu0smbyqLZsdV5AD2kY6tVuvnIdFpCn648bD-hOtIuSahkwdeSybpB8RU_jiD5Ezy5WKlJg6FTWpoUPz3hu5XFTq6nG_7BSAUlE%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22Rht0UoI8lirPHjSr4REHmX7%2B%22%2C%22diA%22%3A%22AV1yhGQAAAAANJAtaNj6O1hqgOng0y5x%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22YYzOkmG4E7C8Ay3ufBwgnQ%3D%3Db-w_b9tYTLeXXm4sGTpma-9jatkLRuBHSdlwOb4lmaxpTvMbNVUziXPXXN7wL0L96W5mOOwIS8Srghs-Zg5mlDn02DlwDdFuJFhtshPjeNu1ev6HKCT5PlM_TGLKwP4kgoIu3WMeKevoGiKgU62myCfsELlGUy0BBilYyxNZyjA7DlmwfDMo4UIs%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAfac7Rug33II%2FE8%3D%22%7D; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0; _gcl_au=1.1.649785993.1686401627; ISD_WCM_COOKIE=!Q6hdlx+5cnp3D3/z2xKqB3cO2dndHupdpeN77FsZjOn4VwYIy2Aqq+1bZ+ceGPL6w0G7qpQQXdiuTX8=; ADRUM_BTa=R:27|g:bf484a3c-22b4-4e20-9d2a-b62863120d4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:64; _ga=GA1.2.903956499.1686401627; _gid=GA1.2.1037925654.1686401627; _gat_gtag_UA_107148943_1=1; ndsid=ndsal4s1arelpnlipzzjxa; _imp_di_pc_=AV1yhGQAAAAANJAtaNj6O1hqgOng0y5x
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:53:56 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=bQ2GT89M6mDtDHBe9Qw9IV3ukii07JV3Lz%2fVTKstr+27JnQIbXhSxEGhJqKvRpub; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:56 GMT;Httponly; Secure
_abck=0C9454B6831FF7D8B8BAE9956E32B1E3~-1~YAAQVZbvUMSH252IAQAAQtlepQqxVdktjvEJw0VQiHOE0V8umkVTWuOxErwOAS9XtiS3loREVNelVZ2dvqu3qQnhYneCVrHJqwlv+EzEBJDNzkBQtBEBYCv+7pfzcZWZRbYOGPqWWVuqIGQvxBIkkVg9c1tUd+jhl2txPhr2n8fl79YKZB8EHnE8FxQuvvgbiz4n+xWZhhHdl5AvBD7/QBtLEPp3cblEZLjLnbkYPgTt8GIOOGgxrlipsKa3/OsdXdxBFvvV/P0jFACQr+nFKW8dV/IAIN/vlEv+Pk/aUJG0zVSlDxQmTzaYjIClL4oW77EuMdh27kGyNoMQyLAQbPgy0bAOd2OOr2Wb9SBHPpOkkVXa0uFCirhGe+zkx2IW~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 12:53:56 GMT; Max-Age=31536000; Secure
bm_sz=5F69C5DB30DAC8330C12514003EE1FC7~YAAQVZbvUMWH252IAQAAQtlepRQGh+2uZkR2pF6HPkzFYMPtC7GMzxAouQhDk7IMM+2WjGwNb0zmhoOjEj06Kb4/aB8jOgDP40ZAtD+7mVfkpTViO/W06FjIqhFUyzQ7y8oqtKxwilhN0rBTRBmVQVvTOszk5UF4ihRIIaImCLfwBBW6nXdvHkws3Pps88K/tNppgvLpVuLICxAV5Z9A+a0TEdyeyOvsFwD+//qiKJtN02cqOr/oKkPXAilGXuuIDG6M2xJxHhzlv1X9hjPiJVRZ/GT1rhQn4rnKov/OtranqfmyoflB~4342579~3618872; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 16:53:56 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64847264_VM-ARN-01XDr43_17053-65351
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=1&cfg&pv=2&aid=
23.36.79.9200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash f980af691167086047659814849a8f1a
1c9d5b181a8edff5033b85c6f7c8fef2270e03aa
45a0a76256982e829aad4980b82b52cdbd18c0ee73f0a855d788321d6df1e0aa
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3624
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:53:58 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!lBjO5pOndyJsDwfpnNE5eVRfS7HzY1hwTVoG8968DAmcEF53+g03cZv9/IHR4TNq+HzWc74xVqYd/A==; path=/; Httponly; Secure
DCID=7G2u76VWi9BB85hKq6IZVF5cjVYX3kfPs35MH14h0noUEaolK8Td9YoeNv9GUu3c; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:58 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.9200 OK 165 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 5fe52d9a56edd683649f994eb1dfabd4
4f4040d25c26e2a8c03738618cf8d48edbee336c
2cc1482a6a45469be415fe3b2e4355b9c5d4915f525f09f34906baf16beda03d
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50833
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 165
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:53:58 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!JTnGgZxWuK6JV/TpnNE5eVRfS7HzY46CqUiZtLQ8jfjXfH2cSz5aS259hnXXYKwrh6q7m07kWYecAg==; path=/; Httponly; Secure
DCID=kLTfv8vestx3d8s7MUDvkbM4EKDc29xd+NKDY+Swtb8eFphLc94H0HbqmhU5O2TW; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:58 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=2&cfg&pv=2&aid=
23.36.79.9 1.1 kB URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=2&cfg&pv=2&aid=
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash f980af691167086047659814849a8f1a
1c9d5b181a8edff5033b85c6f7c8fef2270e03aa
45a0a76256982e829aad4980b82b52cdbd18c0ee73f0a855d788321d6df1e0aa
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0&_cls_v=61b48273-7be7-4abc-80e3-dea69f159608&pid=25e99304-82b7-4e0f-930c-e1a3cc14c854&sn=2&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34531
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=222a10da-5f5c-40e5-b2bb-ea3401deeba2:0; _cls_v=61b48273-7be7-4abc-80e3-dea69f159608
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 12:53:59 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!uNoZ/lVWL7kSi6rpnNE5eVRfS7HzY7CVteuF7ND9jhcb7kt1HMV9apERsNmX4XZTk1HBd9j8mbsKMA==; path=/; Httponly; Secure
DCID=ByWD5dkfkUdhBrqNPEWEk0brB70jKr6gNR%2fLLlMwupSLv0UXjJaTVPoN7M1mJA6X; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:58 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
54.213.92.104200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 54.213.92.104:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 932
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:53:54 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:91575d1d-a02f-4f7b-86c9-f2713a0df2b2; Path=/; Expires=Sat, 10-Jun-2023 12:54:24 GMT; Max-Age=30
ADRUM_BTa=R:55|g:91575d1d-a02f-4f7b-86c9-f2713a0df2b2|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 10-Jun-2023 12:54:24 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 10-Jun-2023 12:54:24 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 10-Jun-2023 12:54:24 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:5; Path=/; Expires=Sat, 10-Jun-2023 12:54:24 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
54.213.92.104200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 54.213.92.104:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11209
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:53:48 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:f3db03de-e452-4e68-9e6c-c2d7df2ce866; Path=/; Expires=Sat, 10-Jun-2023 12:54:18 GMT; Max-Age=30
ADRUM_BTa=R:55|g:f3db03de-e452-4e68-9e6c-c2d7df2ce866|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 10-Jun-2023 12:54:18 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 10-Jun-2023 12:54:18 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 10-Jun-2023 12:54:18 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:9; Path=/; Expires=Sat, 10-Jun-2023 12:54:18 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
23.36.79.24200 OK 862 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 862 kB (861472 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:53:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=iN3me1BnWkno3380Fp0cEiTgVBBKiu9W+5+mkIeTqjnvMKdcZhhtFHxmteb4ahZH; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
23.36.79.34200 OK 583 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 583 kB (582679 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:53:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=5yq4yNygTUYtbpKYv1u%2fuCW%2fESeSDwgy3d7DQvTbyhi44uvjSLLlZ0GOVfnWWBeD; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
54.213.92.104200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 54.213.92.104:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:53:47 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
54.213.92.104200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 54.213.92.104:443
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:53:47 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
23.36.79.24200 OK 857 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 857 kB (856789 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6249329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 12:53:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=cW1a5FjRjsuRK3u5MVW44ifLEwbEMPw9ml+Ku4NFw8o%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 13:08:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains