ocsp.dcocsp.cn/
47.246.44.224 471 B IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9c388f256787fe671b209b4549c25609
bce708db1ad56ad352ef1c726fbdc4164741f7e0
eb1329b189207ae0f74aa1fa2710665c98b0c0245a3156046eeb39db51bda913
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Jun 2023 23:58:48 GMT
Ali-Swift-Global-Savetime: 1685836728
Via: cache21.l2de2[0,0,200-0,H], cache9.l2de2[0,0], cache2.se1[21,31,200-0,M], cache2.se1[34,0]
Age: 2530
X-Cache: MISS TCP_REFRESH_MISS dirn:6:181977399
X-Swift-SaveTime: Sun, 04 Jun 2023 00:40:58 GMT
X-Swift-CacheTime: 1070
Timing-Allow-Origin: *
EagleId: 2ff62c9616858392583951605e
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash e9b528de02d23a4b0b312e0210a3e437
ffa134abd3fdc323555c5b43a43c05260dfead54
43ee0541b2328a9281fa7d158af4a3a2be4e3d682a9f71bf864d2df246c9651c
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:58 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18850
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-0033b60c-9b50-426e-a18d-d7bb2e690650' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18777 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266; Expires=Sun, 04 Jun 2023 00:41:28 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:28 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:28 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sun, 04 Jun 2023 00:41:28 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:72; Expires=Sun, 04 Jun 2023 00:41:28 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230603174058848896031; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:40:58 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; path=/; Httponly; Secure
DCID=+0H3X7AN%2f0jtewa4Nzghaje41JKL2GRyGhlz+D5JdQ7+52ZO7A6S2T6WOoHB+QBD; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:55:58 GMT;Httponly; Secure
_abck=295A7D02614A9D5A96BC1FEF982E83B2~-1~YAAQlNAXAp054naIAQAA9KPZgwp2NwcP47+/EVH4SBSb2jmryL8bLj31QtL8I9LOQx4y8RjrYyTA2ZbwwZMpc89l/pND14JAuViDERT65vUjYmh6o2H1Sf2VDS5tuygXH7Wr5xPD3qDt4ne8agzInQ5CmXcK3y8m9KeYnlv2Be6UGM480/TTk8+7ILhhdqETrfbLlw16+LYIWIZqItDZr1ckeu+PfPqsQm+CcvS8SUnI6wU0f+a58J9U3cYsJA7XLSnepRevsVh6NkHxnCYBpAW282Y0Z+cR5ODDTHNuF9ACEGGLYyrgGPEtPM/AgWuYNmjtV2mg495kv4pJyHvnbdx/b9LEWGHxXaUL/CIFuY8qcoTJEWkIyHDpqrS76F12~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:40:58 GMT; Max-Age=31536000; Secure
bm_sz=3DD4D902F452AC0F0087137ACB727722~YAAQlNAXAp454naIAQAA9KPZgxRY+tZNcm56zkvvqPrdH/r02Gj0tEwacujXjy/MPiQd6geLm50t6jwORBVdH8XWhOMzjUUa9+8tMEhSAnG8HcTHwUfoDaqWbPo2LCPspc68+K6pjq/Pj26uEk1UYyGV3D/aZpLwyf3OtGGUPnZFgA/30yzTK9/r41diUmzkEJ04z6mPCbpZ3Prf2GoAUA4eEzAF4q2oBItzMr6+oa4ZceCny7dbymf++aJ1mRki4t+a76UdlZbfcvnehhnkl6tX5MNnJHgO94lvNJ1WL+qzuk22RhxE~3748403~3227955; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:40:58 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9a_kf173_12358-26447
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=1039645
expires: Fri, 16 Jun 2023 01:28:24 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=1039616
expires: Fri, 16 Jun 2023 01:27:55 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=1039805
expires: Fri, 16 Jun 2023 01:31:04 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sun, 04 Jun 2023 00:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nqc5SzHcqbrmWsuUoFqvTQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sun, 04 Jun 2023 00:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=s1UZE0t1Kq7fCKPq6iXS6A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Sun, 04 Jun 2023 01:10:59 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12446-31210
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sun, 04 Jun 2023 01:10:59 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12408-63803
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash fbf369305b43f874774118d4d06c08f0
74fb2f7224b54f74e30d0629fa778c073a2803bd
5627d7f5ee7462f98e678c511a5c67225eff627f6f259d7038d6baf44989cf79
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4283
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 04 Jun 2023 00:40:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A32l2YOIAQAAIqi2EuXpNw_zuty6ruva1o_B75vmcU-YvW7OQvUsGSx7J0kkAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|c33fa83bb12f089d08139028cc9eef9794f6f829; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=9oa9NmuFa49ieHAeDoNqRrCaKvxBczNubpPAvHuieXXOG4qfyQhaJoFj+7QSU8q5; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:55:58 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9a_kf173_12358-26455
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 77 kB URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 3b2227177307401f0ad66f16a01dfd5e
098aee523bc90b9abd2658dc3cad2b8d984c148c
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/javascript
Content-Length: 76583
Connection: keep-alive
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=jK2WR78GV%2fBO5hYDTUhTdw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=1B25A7C57EB102A2703193C337C8FEDC~-1~YAAQlNAXAqk54naIAQAApqXZgwotn8qpPfYZVFbGdFQ+0dp7hLumNMSwzTV6/Kbn5bSb4vhF0tnqNgjMTfS9YqskNpRz/SkEJfMRDBmy19J0qjjW9Q2G0EzCbhkmmeT12yubEMCxL7uW+LR2KqOlXhr90IeIoaQLfWqpTjy7W/7DH72XBGmF32ASR2SVGmixgVGSwZZT1ycZjuarY7jcC3hOIcQld1V+ENbujqc8OY3P9HQRy/CLRUHYJj4oenwECGDZ8HI/9dKQsciJPswZ3oDVNQvfYU/fGgI74DglGiO94OIYeBV1tBXYz++1Y79P/sdVwZNkDJLEnJD9R7STWOg4pETNJPwz+mNbDWzOnqBIM9z5MSl187gw+IWB8eVb~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:40:59 GMT; Max-Age=31536000; Secure
bm_sz=2AFA248D10D9576301F0F0D000F6F930~YAAQlNAXAqo54naIAQAApqXZgxSvpK70WEQTDo1cb2C8Eaqr53VbfwflhXs3Rc8hNkTK6JJrkGa0FUoSV8FninnbHy2RuI0SJR8a4NBHk5KWZBivxFokrbSMsrGg2Kr6y6B5r/H2pybPT48yd5YPOmElR6s/991Ti3FUqOPH4JHDVIjuGfh5FAk/Glh6L+w/m4em5NWlWfXA4W9Deu7HBdPdHPYF6qem8aJGNS3/q6bQNs/tK7DNTpL+0HUDFizGiUXwfNhQuFiFUfNMuS6T1WhDQxKb9OXRcGybN+mQDYJXjDaXW7iZ~3748933~4342839; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:40:59 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12394-51396
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Sun, 04 Jun 2023 01:10:59 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12434-19003
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=6321414
expires: Wed, 16 Aug 2023 04:37:53 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13859165
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13859165
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13705992
expires: Thu, 09 Nov 2023 15:54:11 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13859132
expires: Sat, 11 Nov 2023 10:26:31 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10643), with no line terminators
Hash d7d16e0d13be706a059edf77def56089
e7d0e142ca493848cbde9dbd0590c82a88d67248
b1af1eae4c4de20a7b012a682085097df329742e4b5813b8285e07b8a1df45bc
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2091
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-c892dba0-824e-488a-a4aa-34e482bd606e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:72; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1; Expires=Sun, 04 Jun 2023 00:41:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sun, 04 Jun 2023 00:41:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:151; Expires=Sun, 04 Jun 2023 00:41:29 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031740591013444771; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:40:59 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=7DD487141EE6180976EAF9D08F87A790; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=NWs0ZcBXAfAGwzjpskcf8nDgYQkmwUfMErWUSFSTg5fLdTMrelXaeei3mf8Yq8g5; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:55:59 GMT;Httponly; Secure
_abck=F8E8A19277DA1A873BDE9F04CEA30E52~-1~YAAQjtAXAjSESoGIAQAAyKfZgwogG1GUnClyEFr1ZISK8N6L8VTfuH9GwVrcD33Z0B2EtPStTcTp32xeBevuR7ZYLp3fRzyurq8C9lSux6wF1vVv1XJyoLreDLZf9k8RtRbJ+sAuCsrkiBNM5tvqJFHciB8OfToinVwwwCl1TnPxQz35LCHZZonfjp2P39xT6Hz+WAGdPWLm0IkcerkcixM/JIj95D1PV8O3WvxXrh9m4ny922ClsvIpmZcV9tlMBwbud1mRxbe9LDaxVSNfiNbQDiJ2plYzaDmLV1bm/CmMfAFNExXE9Fsjf3xpopjgjlm6AejkVHL5ExUOfmdBv5tHSfxvqFM38zuBfsl1R3wkpfjXdvZWg8bITV6y9gnu~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:40:59 GMT; Max-Age=31536000; Secure
bm_sz=61FE7A7DDA69BEBFABC196EA0B8DCECB~YAAQjtAXAjWESoGIAQAAyKfZgxR5KNOQy+MwnciH7i6VO/RC5ORfKad0bnYG2nNX8h9m6DYKjnQFl+yev8q//ymez4mgaM91p3kxVgr7xTJ0Cq6xs6n0vkjWGucLJezpYTDUeFERiBkRV+p+KvgM9WFhArroua0x6uoYl8ro7VCds0RX2bYlNm1rX4TiYaa6tDKTNhJoeOaJmQaj42Ebb2vmXY69RJ9YVhYQY1jNZLLhmRipVX9FDLLOx5tpd2jdwJ4Oyz3Qaw0TjyQiUmCT6JGOWt9nl62CHTL2CfNrZcEmCgSLWY+3~3748933~4342839; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:40:59 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12446-31219
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1983
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=bSjQS4%2fRfV8xWKJSiaeL6g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=bSjQS4%2fRfV8xWKJSiaeL6g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=D98EF54CA375030D429263C9A1787D07~-1~YAAQlNAXArc54naIAQAA8qfZgwoo4fwLtL+7/QT9J4ibZAz4whrRxKpJ/bWBJmgrnxPwViUtN43n4dUYPKVB231bwEqS1+X5VGb5Tkb1rd45Hnb+/EG+11GGJo7BE8twAyjp5Wj9KYuB9NzTBElEBBXsgg/xnPv398SQ+utvE4QlE4sBlI7v2CzWaI5sAV1T/suRsMDUcHQVwxeCFWs211lBQx5PUsfFH0yQMQSmlLNxhxSeHYCkF+h3bkeZSChIQbUuPX/zzlRmEvN6QnUvU43e/Iv7grSUeD/H4FplQ+2/c3iO+6GvZJgN9120er8v2FYbZV6dySKqHTgEGfZV6nvuFKc/J5JBgMBvLlf+DA+6Uudp5Nv+gO/xs+nymVlx~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:40:59 GMT; Max-Age=31536000; Secure
bm_sz=C42A3CC62CFC3DD9912F1696B0D611EB~YAAQlNAXArg54naIAQAA8qfZgxSjRYN9EiUDU4cX6VYHQZoakcqk7/sSXKDIfpyudkGQRL1RxYTM2Eu2Z2C9WZ5uKkTiGnw29ZXLx0w30y5UMD1bD9IZxE0UAAvc4ZklQC5Xn2uE5NQ3uyN4guZYLuHP4llOKJ2ncJgH6C+Qa/3NPjCTSXVIHN9wdkfmPhrCTEWpn/QUcyiEKvdLikRSIUxLgN+bYhk4rav0bWXRLgbUmsdDdWhtWwy9Nh3vJySIVRPkqM31QAw3d5U3OYTstYgpTbhNVqW0z49gFHVUYCjQZ/d4VVLx~3748933~4342839; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:40:59 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12408-63811
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AECXz4OIAQAA_V0CvTiEzUDiTkHnZfv3r0CtJGrgdlODUV0AeR6dXeppJYm2&X-G2Q3kxs3--z=q
163.171.132.220200 OK 150 kB URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AECXz4OIAQAA_V0CvTiEzUDiTkHnZfv3r0CtJGrgdlODUV0AeR6dXeppJYm2&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150023 bytes)
Hash 5a70cfd2acea003a2279bced9368eaa8
c13dc031d9ad3de814f494f2b80464d5498a0706
f6636a9ffe524fb312ae9ee07364c01c7eb3ec539eb74e7d39a63774d1b350a2
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AECXz4OIAQAA_V0CvTiEzUDiTkHnZfv3r0CtJGrgdlODUV0AeR6dXeppJYm2&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 04 Jun 2023 00:40:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A_6m2YOIAQAAo0GTEq1gPTnjuhLuME6PjUkqlZKlxel5aw5kOGOQsIup01twAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|6749a57530c2d4d03d945a8d471f045d546a8aad; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=sxO88WgdHUtZLLlNraR8p0ZEPJ5Emh084A137f0wurpjECEuglZw9bVfKSpjyUlU; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:55:59 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12394-51421
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
104.110.27.78200 OK 24 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87b3f9d652a18e74ea8ef53a99b251d6
8773c9b3a11fb9247039d731888724ccfb74bb5d
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c49-e902"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 23508
content-type: image/avif
cache-control: private, no-transform, max-age=1039729
expires: Fri, 16 Jun 2023 01:29:48 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
104.110.27.78200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=1039656
expires: Fri, 16 Jun 2023 01:28:35 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=998056
expires: Thu, 15 Jun 2023 13:55:15 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
104.110.27.78200 OK 39 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 5d115cb30ce945de0d431748aa0b6073
e1af15a87872a93c56598fe21c82c252a7c82345
8f0441ba6cd327f630ce1653262816ae3fb9abf2db73b70c50be3e66c51dfd8f
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505859-e2ce"
last-modified: Thu, 20 Apr 2023 01:30:34 GMT
server: Akamai Image Manager
content-length: 39415
content-type: image/avif
cache-control: private, no-transform, max-age=1039718
expires: Fri, 16 Jun 2023 01:29:37 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
104.110.27.78200 OK 25 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash bf978a151ba3f10a7412e8cd5fbdb863
2af8e9c16c4f1e96ba1e86beee63521c802c2cce
ac555d446e447b4c8cf2bf2dd377d53c3b21faf83da3259dc8839c782eba1d9e
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6350580a-d82f"
last-modified: Thu, 20 Apr 2023 01:30:23 GMT
server: Akamai Image Manager
x-serial: 1019
x-check-cacheable: YES
content-length: 24880
content-type: image/avif
cache-control: private, no-transform, max-age=887390
expires: Wed, 14 Jun 2023 07:10:49 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=1039709
expires: Fri, 16 Jun 2023 01:29:28 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1039785
expires: Fri, 16 Jun 2023 01:30:44 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
104.110.27.78200 OK 2.3 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 3ce78d6dc48322da6961f79a42940dab
528dce02a84b67925d3e41632eaa418f0de7ad23
a137906477e02c4e3a756f805d90072a0c2e5c0d50290f0932de573ab29de76f
GET /assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "641a0e62-1da30"
last-modified: Thu, 20 Apr 2023 01:31:14 GMT
server: Akamai Image Manager
content-length: 2317
content-type: image/avif
cache-control: private, no-transform, max-age=890389
expires: Wed, 14 Jun 2023 08:00:48 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=1039806
expires: Fri, 16 Jun 2023 01:31:05 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=1039769
expires: Fri, 16 Jun 2023 01:30:28 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=1040058
expires: Fri, 16 Jun 2023 01:35:17 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:625e27d8-43a1-4e72-a876-63f059d86266|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:40:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 04 Jun 2023 00:40:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=HBOWblAYX6p22GeHqLLTyKUzgGzjEeYb2QHcldnbBa758J%2fUnSKxhboxhx5stOQV; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:55:59 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9b_kf173_12434-19010
c1.wfinterface.com/tracking/hp/utag.js
95.101.10.106200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sun, 04 Jun 2023 00:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=hfTj6qEJrkWsqAhs+PsSAA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=29287
expires: Sun, 04 Jun 2023 08:49:06 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=1039792
expires: Fri, 16 Jun 2023 01:30:51 GMT
date: Sun, 04 Jun 2023 00:40:59 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=1039744
expires: Fri, 16 Jun 2023 01:30:04 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=934596
expires: Wed, 14 Jun 2023 20:17:36 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1039616
expires: Fri, 16 Jun 2023 01:27:56 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1039752
expires: Fri, 16 Jun 2023 01:30:12 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=1039771
expires: Fri, 16 Jun 2023 01:30:31 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=1039990
expires: Fri, 16 Jun 2023 01:34:10 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2714
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:151; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:1$_ss:1$_st:1685841060341$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sun, 04 Jun 2023 00:41:00 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=8DtXW8tRdn4fsiGL64%2fm8w%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=8DtXW8tRdn4fsiGL64%2fm8w%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=4927546D2EB506045C9DD1C07ABEF25C~-1~YAAQlNAXAto54naIAQAACK3Zgwq1zPJmELEGzOOttBfpJlA9BbDd0/GS9a1QimXOMA3Vv7rYgjE13ptQgdZTtt3xl+7qZmyxMAuYvaBNVNp1+sS0XopcOnNqZYiNU9B/j2veCj2FwrmBvG6thqMSkS8tuKCMxfaxokgpX4P1r+0zRNq79ohU+04cIMiGCm4eQ7CpDKVdmUHu5HrsF9WvK2p/VOLUWbCFF2TPIM1L6jt5i9mm0C+bSWICfWMcuZP0b+m22EAfRgwdtewVxQ1R6TpM7G9uQRS94G1At7eJYXVL1HYhcXug26TrIzzJjTCozCJ1pXaw56YqdJOs6EcZEYQ2nGfsIgCZZkTJPZtYen6O3/sEsadMS3R+v6kYFDIh~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:00 GMT; Max-Age=31536000; Secure
bm_sz=120347AB9A6DE39C01F3A17172CD429A~YAAQlNAXAts54naIAQAACK3ZgxSLNy94KstIvshVEVlEdZ9xb5xuIOkd5wUsbcFVuIngIOFwBaiYGX0o6b9HssekG9iELjOHcAJB0NRvahFvwjD8B3Ueg2ALwiEvzCN2ppXinrKE12P9XoN2tApx8L8D8D9cCB31/73nYhjyr/Usm0TvvnDYXwz4OlspkvpJ7ijQGzlyGXkEhzGNHlib6Wrq+lQBmTzE1Dh6Yd9duFCyHgo68M4P2Sxv8cBOcDS12NV4gTafFlaM1Kt1PPQgAEcFckxwVlz/sdXPkrOguix7U0u5aR9+~3486003~3225158; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:00 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9c_kf173_12434-19030
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=1039660
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=1039661
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Sun, 04 Jun 2023 00:41:00 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2296
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:151; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:1$_ss:1$_st:1685841060341$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sun, 04 Jun 2023 00:41:00 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Le3%2ff+DD9kedDkrtYdMR2g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=Le3%2ff+DD9kedDkrtYdMR2g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=E593436A3E5BF28C1FB6905D93B3F6C4~-1~YAAQlNAXAtw54naIAQAAFK3ZgwovNgomxS8V7Qy9JVnciuPaqB6VwkQZeeW1/BLtkTlAjl3yKZ2umkQpgXOV41hnDkCbKfuWdnosNwdNj1J327Loyyk+lqKVMKy9dQq+HNzN7S4z5mLGB1wUrjtuyPxCsi0UhZfwoosSIZASxX/6ND7WKhAHFgOF5b8EDQOX51Z6WW6bpu85UkClgxCRmPsXUEKnK3qiZa+C3E0ZQKWbt0Suxb+QBVXdbJNaSt0lHTzmyx57a8JQk/oSXXoSZUtbViEhh61wWiqHGRHuqPJM0Y+4l6jet9c1inX9jh7IvVuOyYtnHVV6INmSHsNcAjhE2+iCx4VKWNKU6P5JO15cG64q3cTR1cF1mpKShXWC~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:00 GMT; Max-Age=31536000; Secure
bm_sz=D7467A01E03E31ACC3D6837FF0DA02F0~YAAQlNAXAt054naIAQAAFK3ZgxTDSERP1Cdqo5X01tEouFwKiGHzYq49UvkOLXYyoPFnSoVkK6J5ka0mJn8McxeI1psokP7Hu6T70z3boZcPHRsH059KikCR8UkkfQezyvdwUHUQd3mF/lQ4oWHRUMdKT0LmzaWuvGsbpttSzN00cl3Juhs7j3cESdpNABEOmtEDDQKNEUhSXnSjZDD1aJKIlnRVTxhEd1nFn/WMQExkAN7AL3YqYV96btibp2bZqVLE7zNIPQwtUr6bzRDXQXzq2sObsq6YzzcHGbIEBxppBpfaeNmU~3486003~3225158; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:00 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9c_kf173_12394-51460
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4EPFMK8gVLAPgekhgqaxmA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=OMms0lo5M5gAeTkzpq8PGA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/gb/detector-dom.min.js
95.101.10.106200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qdQqOQqsMRMj1aN3E6dc3g%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash e3a6c5859ac6a2c3a4af969a7c7bc411
45cc4ca942d50bca70c3c92560d506f9477bd347
0983c0364888344af4b3213f7f629c6c89fefbac55de1fec07f8dee9f6cf554a
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------9372292757245961491786417876
Content-Length: 167
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:151; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:1$_ss:1$_st:1685841060341$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nm7OKcn0NW8WjooaJeSsQqtiDLldp0E758N8jd6K8SXJVhTWDK+khgTCbWo+XJN2; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
_abck=B43A2BC5F0A93AB2709A777171F2EBE2~-1~YAAQjtAXAmGESoGIAQAAQq7ZgwqekO7/KqEs8L9WQ9j0W0ejGkKEm/fYiffup+oC3VDHRrN/absUe/YQuWlZ8bx53grLG54igXaWCwQukwuTQawTIh5UVDElgS1Hu55bHzHNhN6hRghrsBrDLSZl3sMyRIcUHuPgSfS1gMOTRCkpHE6TR6iDOYocm8eBRvIdw5Qq7FDG24sbI56w+Z3qSh/kE6Aio0vbCMWygljnnl9+5IkdKkm68rFIK4hkasPRN/KGHXBhSVweUNNOV6VOFMqFLdhihaGxLBxNm9bNtwMaRGIMkLKplsQ7Hv6qYVX7Y0lAo4YN75cPawXo7vWJ0cPedLW8Xp1SV5Pf8+4qnkkbriHhqkZHjT9DTeGApi2g~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:01 GMT; Max-Age=31536000; Secure
bm_sz=303CC77BD0A78C9F970F677464095141~YAAQjtAXAmKESoGIAQAAQq7ZgxQhNk7VWjDKFo58WsaJxG8upIxX7t+ndcLu6aAgeCWdXUNaZlBvw/rT8pLq2OO03EJX6rhtOYo+MmMX9dzaExbkdHtMqKuas8TGRuw8H5nIcMeLgw7vbgdfhSmVZRoMhuiqlH/i9dNGJ5mcW0EAgwCF6K7TJ2hIaoJxixRQ/vHqPGFHUOfrR3OHmd4pYDmBNI9/Bi+KRSPidL1TOehsPEm5HgTslTh7lUCElEzof3zweuZ3YoZIMT8yLrB3myQvCmszk6IVCrE0o+4jPRjrT2WoP8uY~3682630~3359544; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:01 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12434-19033
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
95.101.10.194200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=y3js6rbwk94j+lWMQNMNh%2fhbdWQLqvqS88yzTS7RCUtLgvXPaOhrPESwIs%2fCbqa0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/jsLog
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:151; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-296e69a0-bff3-4e1c-8614-fbca7369f7a6' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:151; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926; Expires=Sun, 04 Jun 2023 00:41:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=5DAF5A3A6539CCEE7C9F0DE9DFA31A3B; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:41:01 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031741011859082204; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:41:01 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Sun, 04 Jun 2023 00:41:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:69; Expires=Sun, 04 Jun 2023 00:41:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:69|d:0; Expires=Sun, 04 Jun 2023 00:41:31 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; path=/; Httponly; Secure
DCID=PdfprFaGHAo4pHiwtPJvt1IKDskX94%2flQY1Sg7m00DymO1lIrGEH7gPVpFRzhK+h; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
_abck=C1160A1C93E695BBB6198D192A6BC07B~-1~YAAQlNAXAuc54naIAQAABa/Zgwp09Pqh9B9+cdq4xViuuVXq2kzhDh4My7gb/Kf8DOcuX/RiWYB1gBQtZ/dbgCtvONHeVEf5SEoxx3tUwyHCnSl3027WriH+e1Lr3ubNXTgGu97hCrXmtoMZNvDfCie+rA0z0IMxr0cCuA0g9BarqxOzdi3xBaNsZUyRW2XNrQyWCkjqBfIz70CTOc4SBkHlU6L2dBOZ6gqyj8tga2xRHG98phnIDAhzHEscf5fKNPqqWSOQjAKUjjI1ud2p7iE0C4HMyMGLg1GW6gWfZw7/JAp4lB+B91dU2ztYMTlTu4X6cju0RRgLuTUSGXhHpF5oEzUnr4ctIyNePdeFDDnfU8fHKHdlIHf59UoZ0ave~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:01 GMT; Max-Age=31536000; Secure
bm_sz=4DD02D9B4BACBFCC50DFDCFB2C016675~YAAQlNAXAug54naIAQAABa/ZgxSvoMzDvBRbsXMyZR7PwCUVwpd7FaMgo/1leU3B6z8r7Doe+/KIorOrZkDCLMSvOygKG0u8e7sx4/G+IPrKrTG7ow3JX1nfeCKiWutVJ8kCWME1VRK0il+JhHBK6qPWrysXFb5f4fAdOIVILYyx0HGYjoaJfdMosBM10D1wEk+T0I4qwjJaQltjqLh0DzQOu23qNSTSbnqIPrudPFvSdyeeQUjTyFyHdYm5IWMDI3UkgNZpOSBhbTLaD17Uc/MNEBSzQOxFOtCC2bof+HBaFht0CRVW~3682630~3359544; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:01 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12446-31245
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839260759&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839260759&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839260759&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; ADRUM_BTa=R:27|g:1df9486a-cb79-4892-91c7-e7f87ea86ff1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:151; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=+9TtRg870WaEEebWvsGt34Ppib1V2SV4CWzK5f6IeL6tV7F2OqojTjwU5WkJjRt8; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12394-51466
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
95.101.10.136200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=U0WaIsSASp0NWOK2IcU3ZQ%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
95.101.10.136200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=7hloujcWf0auvW9fewhvjw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=CTgilpdn8UBtHax0yDVzfA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=dx4oJHXkK%2fwLRzWislqMUg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261066&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261066&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261066&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=hUGAjmi6cwjNIhWwq%2f4nm+MCRYGs5g%2fHyS5EUla7c5hh45FUHzLjNx+A%2fwDcNDDd; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12434-19040
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261071&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261071&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261071&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=oCRvwd53u1Ydd4anUbBP8uFjaP+3iEUQ1b5nLwpvmeSKiYQpAo8gs9VhEAVIa80i; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12394-51471
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=m56PurQSDospCbIVKZHydA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f%3A0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pv=2&f_cls_s=true
23.36.79.9200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f%3A0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 146511df82aef7312740490244b5b801
e09e093490f0b48f65e9513f4f9a855bccec08ba
3ea65a2c79f62805b29f5fcaba389767dc52528f0d266ce76f49b4b891979f07
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f%3A0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!eKSfUvX/lUnXmqgq/D2JHXmrrcNtCzgU7mKeGjtwZ0wM65jsT1ud8k+d+VaUvhee1ZwPHvz5S74ohA==; path=/; Httponly; Secure
DCID=UrkdXw%2fAl%2fZI9MJ5S0RDU2Nf6qwD7VCwhKaSpfOxh%2fJR6OCo8FGvy05vkCQU%2fLqt; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261079&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261079&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261079&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=jDdUJTS17oeTro3F4tZmKqY36vnlO6+MpZYuF7M+LqTMWwEtCs70HTxyl1pTBT%2fG; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12408-63849
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=A6+mA03pq4CVllgDGPACBg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261075&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261075&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261075&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=M2ik+%2fqBntaVHT0+FVToA3A0nZ2bbHK61Y5cPdPbC+iiclquEkS+KjnMuTFOM05G; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12446-31250
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261083&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261083&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261083&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=8GXM9HWRRmSXzyH%2fwPpFFFPbviiAZMaap6o3xMJlJUsrgVtskYHGA4qVWoJtaF5K; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12358-26506
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261088&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261088&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261088&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=vYPuOA4kks+Ko%2fKWT8W6ltFB39%2ffiQAdlPl4GAZGvC8R5CqPDD7KSs+j3QPj6DUb; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12351-26492
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261096&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261096&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261096&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=YzHOG1g7lExmVeqvKK28AnPsrvvKudYqIdWYQptvL9KxoIQMmF9Njg%2fjFh5O7e0R; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12394-51476
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261092&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261092&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261092&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=BZUtMhUiV+h4KL%2fghlB+n%2f0bJTdEksPzFg+GLU6CU4HORlqP9Egx3QfGhdy10meq; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12434-19043
c1.wfinterface.com/tracking/ga/ga.js
95.101.10.106200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=CbLpzJD6hUVe9CCWK1L6mA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261104&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261104&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261104&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=u2rWVzyddTfbnTbEU17MA5eXpX%2fWJD8tJQ8qIP1e6%2f7WQEM17fTMFZ7GgdR%2f5xg2; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12446-31255
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261100&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261100&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261100&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=yVH+Cl72%2f8jfCSyeqSeFrILMIi8VGTZOVYOM5jPVIL0zHlIPMTbetCZ+vLMHTNUq; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12408-63855
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261109&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261109&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261109&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:01 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=bvnC9GValxJr+S8tPEgYTqngtdKnKEFzoxoRy94LPTIiGc5exyXor8BmbJwSDZcF; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12358-26512
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
95.101.10.194200 OK 150 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150352 bytes)
Hash 782133089128a58eeddf60303634020b
3e49b2d8377ef5712aa72d15d98bcda216b4a2c2
1b4914a11689498f2feea53ae4eeebb5ed30936062d7fa07bd8b84343fbcb24a
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 150352
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=Aziu2YOIAQAAi36K6qgk2xhuJ6wDzH5EbBDEkImDxpRi7XaNUAa8QeH71PA1AVtaKpqcuNk0wH8AADQwAAAAAA|1|0|4873ec8784cdb06251984cfca74e0bf4577aacb4; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=%2fx9BYK80P%2fI80uRvtiU91gMqj4%2fKu82aVV3ahLoIaw0NloMYZFXcZ9FALZeFft+n; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
95.101.10.194200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=W9GpXPNjHNH3ihaw6Kuxc1dS1cOFeiob+gvQRupBQLbeZ8keIe2MxF9ia2PxAH5f; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
95.101.10.106200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=WqfFDoZLS%2fCXLbHc8%2fc2hg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261114&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261114&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F&cb=1685839261114&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:41:02 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=29k4pHwBWP1k9KX5ulQjeaGuCSLxvuJrrskfBEauPY2rCwXoPB6YufS5exkiv+S7; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12351-26496
c1.wfinterface.com/tracking/ga/ec.js
95.101.10.106200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qmdOndpGAO7bHSORc4Xg3Q%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 971 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash 73bfd0c8d2f1f01c3839f60b620cc6a1
c05ee27eb102e375ccf56351c3f7a06f192d6ad8
7d4cde5c5378af4df5b59f12e87b3b84b4ec7f0f8d5e0bfd47c2f6c3d23651dc
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 971
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-8bec6f9d-5181-4266-949b-ca5420b7fe84' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:69|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:c12398f9-d2ba-4085-adc7-135f07772b5c; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:c12398f9-d2ba-4085-adc7-135f07772b5c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:52; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=E3EA05630685B348336CF9FDE0B0717F; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603174102885917719; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:41:02 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=YGjVkD+%2fN0xR324PL8GjjS%2fEr9wOh2ROhY9nrlvH8Zn4VhDJud+byWPqYqo%2fX8yB; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
_abck=B5AE5BBA91AC71F21341ADEE4B187BA6~-1~YAAQjtAXAnqESoGIAQAAKLLZgwq4gwfBaS5HY1JSGtk76Z8Xuc+0Cnq+cjWACy7kUY8Yd6Pb7t5Kup9pZGOAwIQqMvBUJNLaTvyo6RwoaTqVxb86wfIkRHpq7dzHxkdb9YH3o0n+JRNVjYqcKz7bmG75VdsSdtiJ9iMY5XlzjDUaYrURWLoqdOBFkbzuUKK0EMsOvAigqyaDF58Qqp5HRpEz9bW2eDbqmgWW9AutCVrjZ4EXfrPCHW2trUk/huWrVVUMNYk17GlBc/kjD1tLvOjnPyAL/ZR4AOngkk7bSLmQqsZeyiJ6ZjjyTg/JM+N6fwa5g32VblYwG9+/fnRDjxU1UeYcUvtZWcEnioEvrmrFYX0TRNKwfVh0gz4tCcHe~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Max-Age=31536000; Secure
bm_sz=6054FDCA86DBDA1F83907E26FFED9B07~YAAQjtAXAnuESoGIAQAAKLLZgxQ47Oqhb+1XKqv4EOredGJi34CgH2z9vqfhd5L2ybH2pSyskNetoKoyYIxz+g8CedruA2ZKFLvF8wdNwlmxko9mHwbDnY0DmiLnaPWiQFWa7SIjFeHaIF4UHedFELTJaKDqTQ8D0n0ujd3hcCfk6foakaQQLM7QEvyYLCzPu9F0w08mNB1fgyOxUzy3NfVk0LsOHfwVgkFGYVzSrxm/jpo3CG/VCCnYszuFV2t8Rb4qKk3akcTSVqpmxxY0YTNzrFPqodn3A31rbsbWiL0Hs59gkQ4D~3223606~3749425; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:02 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12394-51477
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 942 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2358), with no line terminators
Hash 231cc05916523674ef6a092decd0b45b
5d025ce71b069a65afea3867de4ff9720b8b432d
78a2046edf36ce55746c7cebf0eb4d3981154f6f0ca5f280b3e246d8e1124197
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 942
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-e5ef5860-ffeb-456c-80c1-437340e4bac9' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:69|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e50864b3-074e-4049-aa96-3e8dd5fa3b43; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e50864b3-074e-4049-aa96-3e8dd5fa3b43|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:52; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=1CDC39021F71D15078F7730076170017; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603174102790446137; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:41:02 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=LoP%2fisyzNvgeGmD9aznpaFnieLMDa4wAHqdYIiKzxpPInNFSiAZ7Px0ZLCPv1TdQ; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
_abck=08833A5CFAB05CA17323E0CF45F27833~-1~YAAQjtAXAnyESoGIAQAANrLZgwpPUzzDzUQwz16FkH+5yiNak/lEUxSWSFCNVqlCZKfUi+qgj1iayCfH27Mda9c8IOvLsW6PNki8WTpLoG5pqLfQK40xd4FBCmIqDMdtGgAgkzsAQ+Hwoh7H6Sq1BJ6srLLNGwdVq4pPKJ+uOTMqYOB4Z2dHh4xu81FTvaUjAmYgptmkdyjlIi9zQgefDBoHApURKiUKmrsAxronibrBxMLT/MaaoShuWfBEP4WfsW/vr9MZERrMHDK2CRDPYQVg0ucCx6GT2k6gZ9sNeICTY5c2IrSbT0EN+8gkKTyoFM9Ffj8JMu4NU+8wE13wuT8zdqC88GsNYvWGVfbAvwOewZLfI1F9rY7zhi74lTuW~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Max-Age=31536000; Secure
bm_sz=BA56F9F5CB9A4001DFCC29338DC39E40~YAAQjtAXAn2ESoGIAQAANrLZgxSJQqIddkESigTJooVk5mlqPe5CEaJ6dLWfZw2o/K+2AL31A9rlJfH5wUhCcC3ot6K8eqCQYnap7SvKFn5m2Feb8iURAo+oWmb7L1030Q7DCZohJZISR2SsIYhxxLl56NZYdnv8TLyDTtpjkL+4RwuuSIES8bGfSLUK8OL+hpsFAG1Qq00eOx9tpOaAwpzOh2usbZc8YoEgLolLyThPY9JpaC3c9LBE6CPGiE3bzR7tNVNtJBH6pPJH6nqxEZAaNM9eQA9zBxZ68KAXwYsGDsNQ0hel~3223606~3749425; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:02 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9e_kf173_12408-63856
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 940 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2361), with no line terminators
Hash 63559fbf17a3ac8fe50d788065e689ef
f0be1ad076fff75ca05b29fbfe987f5665b82638
801fba2dce2be3c881746349bd188df9e69444dba9ba8ae43cc44e5de024aecd
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 940
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-745d168d-8625-40c5-a6b1-db3d48fbd3a9' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:69|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:fc20bc7d-e73d-4e00-a835-2c61017facb4; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:fc20bc7d-e73d-4e00-a835-2c61017facb4|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:52; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=FC0200A84460B0E95DBA1E3E6A31C476; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603174102271171385; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:41:02 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=uBA4CX6bFnEtxP7Qr0zusEqRK3eITgA44dt7V6BJhhBK83LiHjbBtBSRsSr224A%2f; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
_abck=ABEB0DAF90128D32DC0AB64AA8A554D1~-1~YAAQlNAXAgI64naIAQAAcbLZgwp9jmptkDHht/HE8chrl+Kt8Tewl/byPgjtWOvgPUog8uM4oJUfz0Z+JufziTRMJ6vFJcBUkebsm3C+SvyBXrp9vcmFbdyGDhzZe8u2YC/RC1Txv0SLStN1BaMX5pqlhssiH+TE4hyu4GVhTOoNQ3VZcJfKE04OkVRp2llQo1OMBKeCdSaJOx44oPTqUzafWUkoq6xpPy898OtQdoIecYG9PPhJl70BEXuyRk7FOguyBJy8W9x+iTPA5jEsb5EYDKLRgfR5vRk5OVwEyDRiJzy+Q/MomRhX4WQZmC+m7b7IFw9/EfrRwSNZ2g0VmxNU4i/hN51jJMnfnsQWtkURxy9zyNFuTaXLlMUOwfHV~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Max-Age=31536000; Secure
bm_sz=DD52CE8217169ACDB52E42E2ABEAD1D3~YAAQlNAXAgM64naIAQAAcbLZgxRP1J9I/jJddHHpN+pv7lLANi1QHkJwZqy9oCpVtiIaSm0Zh8twh7DKVmgh2yNGWmp2C3xryePER4r/hO6vM08mtK9DjxwYnLLPVc2LTi0KKESA/9Gg9CPN7igWYT+7cASDMLNnzsrsHwy99t32jzolhlPMcUnZ7F4istrx533NEw07GOYY3ctVRMqil8i0lHQinIZuw2jM+Sn/kLEpBbTULGyna3pvbBcoG5fEcK4Or2eQyyXEboA61uyWU5FwnkurWlIy4XCm1tirAHXt3PT/dI6+~3223606~3749425; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:02 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9d_kf173_12434-19048
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=1&cfg&pv=2&aid=
23.36.79.9200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 146511df82aef7312740490244b5b801
e09e093490f0b48f65e9513f4f9a855bccec08ba
3ea65a2c79f62805b29f5fcaba389767dc52528f0d266ce76f49b4b891979f07
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 11255
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!/J9uGlz2thoSCOMq/D2JHXmrrcNtCwp+u9npfn2Dhd8fmtaYWXUFdne2ur3kxiti71upI36SO3zLVw==; path=/; Httponly; Secure
DCID=%2fESD0y6xC3+RZjh8fmrSDbLoQZMaEOK0Ipx093hN9t96mUEdqkwcXL5GOFPUCqnD; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ort.wellsfargo.com/securereporting/reporting/v1/csp
95.101.10.211 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 95.101.10.211:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 3a73ee27-2834-44de-674c-df21c60e3e28
X-Xss-Protection: 1; mode=block
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:77a26d95-6915-4338-b6d2-f7001eb1eb94; Max-Age=30; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:77a26d95-6915-4338-b6d2-f7001eb1eb94|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:1; Max-Age=30; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:1|d:1; Max-Age=30; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure
DCID=K5kK4vnxcr+0SFbT6uBTGrK3W6ASw4CJF9SIQKTAuF3ydPgjV9GyA0bSpKj2O2Pp; Domain=ort.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
_abck=F8035EADA95206FEAA0DC48AC65E41E6~-1~YAAQzwplXw18o2yIAQAAqbLZgwphj8EcvNq1TnbREuhRDA6PMf9o6o44JuRWN693pL/+pdkfmvWvwvEt7aQkF7FrlC6e6VLd8HYTmydjgjXFiimMJpyZE2/L9n4MDb2ruSSLGSOlj74smnVK/vOm6xYGO/zdnzfHloTlchpJTj9KtDbyfLE6NmB+sTY/EfZuw8vE0hUgDIdKwhl/+BAjeuZCXRS0oRbWA1CenFSL82RzRyxgXHk3pqTN61H3L3ligDkWu+dgbOoHIv7ZznvFNlHrq8RmevluchXr2QzZwNTOD77HRn6GHPgRgNPXE/e4DbzmR0mjvZJDsig1cJmb2QeuBbAYTz2VsgLYkgvhcP33SQYjdKzUvBpaj6bCgxSt~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Max-Age=31536000; Secure
bm_sz=02E6AE7B3321909F7845969C7ADF5ACC~YAAQzwplXw58o2yIAQAAqrLZgxRmsM4qKFVDYyZ18iQyBwsmg1LoF3gZr4H2zSOOXFtQ6IDe1ou+APwkgy3bJbJFdkwwge54Y5ixuHSrgCeU+FCjyaWLIj4gEeWL84omwwUsr8ZCngNujDrIBQcdDHntWe6vAfVdGfArZc6JhGpfva/d3ryhcdykxoVaiebVs6+n+N1K9n8noXRMrVeiBG509C/4bAoeIQkDcDKEtq26J02zuauBkpOlXgqEI7Rb2rq2FbnU9crimJZWhtZfpnjsck6a9AfXVtRQHmZ5HsWoeymY3I6D~3420996~4403254; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:02 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 971 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2441), with no line terminators
Hash 5295e152fb2cf20635a06de890b12c90
8a59b92472f2375df68c45c9005b8f2675f063ce
4f50b6bdc18a6c67ba8929de120a7ef60de3bafcafe4d587d26a98763c0240b5
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:69|d:0; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:02 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 971
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-d32cbafc-8f77-4cf7-8639-5e5c1bb837f8' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:607825bf-160d-4ef5-94df-511888096926|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:69|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:126eea40-e4c6-4ac4-98d4-fa220803de80; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:126eea40-e4c6-4ac4-98d4-fa220803de80|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:52; Expires=Sun, 04 Jun 2023 00:41:32 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=81FFFEC194619562622768D90515E2D2; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031741021585002665; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:41:02 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=lbE9ol8kjY7DuflelhrDYLgYHCj8+V1BL6xAgcnSNe8%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
_abck=F87650A6BE92823ECCDB0A8B68FE7860~-1~YAAQlNAXAgc64naIAQAAurLZgwqmFHQ1TTGA70DD/aWPvW8s5U+wMGLN536GHBt1PNA4XoI0PlTKYwROkzSEB/ax1Ld5gZRYzlS9BaDTT7Mwjp3aQ/luOLEvGUFSsjWAgK2fHcJRdyjwiEhxgp6+qYt49e1mjMfvF35/mJsOg1l4JOvlfA7IwKwy0wt0pe6yf4DjNklIY6hiwZ+YTIXpX6N+9NVLtAZ7Lr/bEdGb7cy9JSU4Y9r/9MMHimc6QCN11WmYx5fsgH5uUwr0whLjv3NHVlZQnG9XYhogqfE84XYyxiWfgLZkvp+u1qo/1JOYtQBXhVCbxcW52VYNhsT2QXuy7hslbDGCV7h+nNHzP6dvrNykx8qLfiJ8y0Yf6Ys+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:02 GMT; Max-Age=31536000; Secure
bm_sz=2D7AB3171C57E9BC148B4BF11FCDECEF~YAAQlNAXAgg64naIAQAAurLZgxS+DWmOfvMeORG6XnM2FLJlkeCXBc87el5eZgM+kLenTCIRJeBim1NKvT5B/bIPX8UksjbjSnawWE9vbR/1OUQMiFToh3PlJDvgFfKUmhlfADU5+O2bBbWPAOp5CaMNauk8M0SKTKg/V6uEzkk6JedKz+nkHP4wsKMR3jEPKuFd1h/eSNMLP7SNs9R0oNlOW+s+80dneNPbGgMtnX2I8Lpu4oaymNfHg2tV35H+lX5NRBq5zOd6rFpD4Hg1FXPYzvKz1wywKoJ0gdt3CH4dF0MyCNEO~3223606~3749425; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:02 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9e_kf173_12446-31257
connect.secure.wellsfargo.com/AIDO/glu.js
95.101.10.194200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash cfb1cb7e0c6cd7ed4ac0e0baaab0ffd7
c5add19bc451c53ac11368e6a286bd13a5a3bc83
24b8a3315f972f1c00c8aadd5b76b92c044fbc876b75c03b2d92cd1e5df050f4
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37176
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Heqh0b0iSF4IhLZNDf2XGMHvm4bfhaBxnfvRR+lKdmGoKNVkhNYCatYW420lwM6n; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
95.101.10.194200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=C7VaN03LD2C4EWb5aDU8GBFw8ApTApDW3bLMLKG0SDoku1djxBowXYLLY8qsaGJM; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.7533761777155422
95.101.10.136200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.7533761777155422
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0d4536cafbabf52679d2752a30f1736c
9a4a9a7c98c1c317b812f727259a1a05df231ca9
1f057fe81ccb6044aec326beb74b0c6b191c1efd4c8daad28d2d3d82c30e8d47
GET /PIDO/pic.js?r=0.7533761777155422 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52540
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 04 Jun 2023 00:41:03 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=wamdqDPvGrAVGo88M52lDrtj+mI0hsTbYQ1qyn0Js1q0teH2nIpuMjcHPYR6RcfW; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
95.101.10.194200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash ef3c6aea5ee493ca2c5869e0682f60d7
27ceb74fbabc1152c47391deb113107e9594dbab
a9a476a49a5fbb899fd033699ed9425e9ff16a02a5c48329ff2af1846ecdf1c9
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 18101
Date: Sun, 04 Jun 2023 00:41:03 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:e472d4bb-53cb-4caf-b17f-dcfa2d76234d; Expires=Sun, 04 Jun 2023 00:41:33 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:e472d4bb-53cb-4caf-b17f-dcfa2d76234d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:41:33 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 04 Jun 2023 00:41:33 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sun, 04 Jun 2023 00:41:33 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sun, 04 Jun 2023 00:41:33 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=G9GolXJrpD6RaFTj3Q0nOOJDbLhhqjFzh7B63ONmzRrFw1WFQ8QH5Zzhq%2f+rhtrH; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:03 GMT;Httponly; Secure
_abck=2D4242E3769C407A51E41A6FEEE97F02~-1~YAAQvgplX8x5E2uIAQAAHbbZgwpdxFt5+IxxyMB8IvXcF3nJd3PAqxbG1yrfXZO3OrYLmOArfIdxOHy9FX9N9RyVfwNLg3uk9d8VuxUCd6J+f0vFKFkh8G4AwVHb2oM5Rq9UxbmoupJrnP2KTTIo8dlUYsoMpJ5PuTFmFI1KxOu4pFJ70882UQ3DRVjHgiSnpGZU/IfgwL+qiivGo2LEZAjO0zvnj/Hjm22w0e54so8nI8JwvEFL6EB2qI0s4xkH8aZKubamQXP/jZGMjoKj/NI+fyUOsggMcoeUNULGdqlofYkmsIL1shgUkSLcuIXKJEup6PplXXmr8y6FIRlCo9eJAJSI6mIjlJem0ylh8wzoUBln6njq0luikm+Kxj8n~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:03 GMT; Max-Age=31536000; Secure
bm_sz=1FE3056B929ADFD2DFC97B377494DA6F~YAAQvgplX815E2uIAQAAHbbZgxQJ9NJ9MfRYL01ivw0RZQ5KrojDwazbayY3u7Y6ovI0tjNi8JZlJamQZejPMoT/Yt2msdILiOsD3h9ybpeanpBpXn1h/tXDoD9xPX0yAV9DWBatFFlA4WaUAbs8aLLSqFJbmkagXscltaCLLtraV8doIAXnjXqepnuY9NHbI3D0MEJdf8mwjeQ7OfxnPOnFl4bC6ZnagZMiolbeDnRfQLfSvQXxTYCRJxEaI+thvudhyKBdpBb+DGXK+grwnUmZ2NQu9h3eBYAiG2QFM9OyE+pQOfW5~3289650~3158337; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:03 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7822343586106428
95.101.10.136200 OK 137 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7822343586106428
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136621 bytes)
Hash b1fd7fd6fa11418875349a02c516bdcf
2aa6ff3e13712c7cfddd5d6482f97d5f530a7b4d
77cda4ef200d1f4711be1481335e9fd4d75e81e7a6ff969d9deae2cb3c25059d
GET /AIDO/mint.js?dt=login&r=0.7822343586106428 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136621
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 04 Jun 2023 00:41:03 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=OLUfNgyeHBmXgE1zOZ7GMxE7EIX6xLC1Vyc535Ud0VBS7naDB8ACMMcVrrPqS75u; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEAvSWpWTXRML3YzK3FRS2ZpUzIxRlBUQUkxeTZOMk9nV2RqZm16ZTdnQ0lHWDZNQUNvOTVUbFRzVjN2WmtSZ2NLNE5KUzQ0R2lIZlRNWERhTFJqQmJyb2RBbXJNOThobTBvdDJMK2dGeC8xUWtFdW9sNjc0YytyMS9mU0xZcDhzdGxYQS9CamQ5TVlxOGhxSlJqc2RxUlU0WmJyWk9VQUYvQ2xmajRnRFMrcUFNOEtuTlF0VnZIcHFhUk0valhPbGhKQ0UxbjRZL2xUb3hEQm9NOGdpa1V5SzNGTEJBM0g2SjhTdXc0eUlFZGhMNWZ0TGVyR0V3QmdpaW5ZdkpYTjY5dUs1RSsyRWMxaThmK1craFRCNmxHUWNhZkpmM0FBQVI5VzRtd2o4PXxkNzE2ZTVkYjE2OTI4NGY1OGRmMzE0NjU0YmVkOTYzNzNjMDgyNDYxZTMzMDVjMjk1OTRhN2ExOWM3MDRmNjZhYWQ4YmIyMDgyNjhhYzcxZGNiMzU5Yjc4MWE4YzE3ZTRlNTQyMGQ4YzRkY2FmZDIyMDc2NTFhZTY5NWE0NDMyN2I4NDY2ZjFkY2FjODgzYjFkYzMwMTAxZmNiMDRlZjBmODhhMjY1Y2NlZjFmNzZkYWVmYWI5MzY1ZmZiMTM1YTU1Njk5MjIxNjhhOWE4MDNhZTAwYWQ2NGRiM2I0NjgzNTBhOWVmNmU1NmU3MjlkMWNjZDM1ZDkyZjA3MjdlZmE0MzEzYjYzNDEwMjgwNWYxYWFhNDljMjQyNjFlZjgxNTVjZWY3MDZmNjFiMTQ4MjczNjA2MjM1ZjZlNjRhZDE4MmUzODhjMzY2YzA0ZWYwZjJjOWVkODA4NGZkZmUxOGVkYjk3MzQ1MjEzN2IyNDkwZDBlYjdhN2FhYjA3MGI4NzA4YTczY2FlMDlkNGUxMmExZTNiNzkzMzBhOTBlMjk3Njg4MWQ5NjE5NjJiNWNkM2JkMGNjOWNhNGJiY2FjYjI3OWZlNTQ0MjM4MzRkN2FjZWEzYTFkNmMzMDUyM2UwMGZiMTJkN2Y1N2M5ZjFkODQ1MTgwYjM5OTM1YzMzODNlNHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com&t=jsonp&c=wwgasevnnyxvuyfb&eu=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F
95.101.10.194200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEAvSWpWTXRML3YzK3FRS2ZpUzIxRlBUQUkxeTZOMk9nV2RqZm16ZTdnQ0lHWDZNQUNvOTVUbFRzVjN2WmtSZ2NLNE5KUzQ0R2lIZlRNWERhTFJqQmJyb2RBbXJNOThobTBvdDJMK2dGeC8xUWtFdW9sNjc0YytyMS9mU0xZcDhzdGxYQS9CamQ5TVlxOGhxSlJqc2RxUlU0WmJyWk9VQUYvQ2xmajRnRFMrcUFNOEtuTlF0VnZIcHFhUk0valhPbGhKQ0UxbjRZL2xUb3hEQm9NOGdpa1V5SzNGTEJBM0g2SjhTdXc0eUlFZGhMNWZ0TGVyR0V3QmdpaW5ZdkpYTjY5dUs1RSsyRWMxaThmK1craFRCNmxHUWNhZkpmM0FBQVI5VzRtd2o4PXxkNzE2ZTVkYjE2OTI4NGY1OGRmMzE0NjU0YmVkOTYzNzNjMDgyNDYxZTMzMDVjMjk1OTRhN2ExOWM3MDRmNjZhYWQ4YmIyMDgyNjhhYzcxZGNiMzU5Yjc4MWE4YzE3ZTRlNTQyMGQ4YzRkY2FmZDIyMDc2NTFhZTY5NWE0NDMyN2I4NDY2ZjFkY2FjODgzYjFkYzMwMTAxZmNiMDRlZjBmODhhMjY1Y2NlZjFmNzZkYWVmYWI5MzY1ZmZiMTM1YTU1Njk5MjIxNjhhOWE4MDNhZTAwYWQ2NGRiM2I0NjgzNTBhOWVmNmU1NmU3MjlkMWNjZDM1ZDkyZjA3MjdlZmE0MzEzYjYzNDEwMjgwNWYxYWFhNDljMjQyNjFlZjgxNTVjZWY3MDZmNjFiMTQ4MjczNjA2MjM1ZjZlNjRhZDE4MmUzODhjMzY2YzA0ZWYwZjJjOWVkODA4NGZkZmUxOGVkYjk3MzQ1MjEzN2IyNDkwZDBlYjdhN2FhYjA3MGI4NzA4YTczY2FlMDlkNGUxMmExZTNiNzkzMzBhOTBlMjk3Njg4MWQ5NjE5NjJiNWNkM2JkMGNjOWNhNGJiY2FjYjI3OWZlNTQ0MjM4MzRkN2FjZWEzYTFkNmMzMDUyM2UwMGZiMTJkN2Y1N2M5ZjFkODQ1MTgwYjM5OTM1YzMzODNlNHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com&t=jsonp&c=wwgasevnnyxvuyfb&eu=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7288f9689d9a6263895fa19904b6ae29
d9035e51824fbc1e8bb07ca10db60fe353c34433
0f1238becbecccb8cc03c062d232780c0d5a9f082b340a822c96db6469d6667c
GET /AIDO/vyHb?d=ZW5jZEAvSWpWTXRML3YzK3FRS2ZpUzIxRlBUQUkxeTZOMk9nV2RqZm16ZTdnQ0lHWDZNQUNvOTVUbFRzVjN2WmtSZ2NLNE5KUzQ0R2lIZlRNWERhTFJqQmJyb2RBbXJNOThobTBvdDJMK2dGeC8xUWtFdW9sNjc0YytyMS9mU0xZcDhzdGxYQS9CamQ5TVlxOGhxSlJqc2RxUlU0WmJyWk9VQUYvQ2xmajRnRFMrcUFNOEtuTlF0VnZIcHFhUk0valhPbGhKQ0UxbjRZL2xUb3hEQm9NOGdpa1V5SzNGTEJBM0g2SjhTdXc0eUlFZGhMNWZ0TGVyR0V3QmdpaW5ZdkpYTjY5dUs1RSsyRWMxaThmK1craFRCNmxHUWNhZkpmM0FBQVI5VzRtd2o4PXxkNzE2ZTVkYjE2OTI4NGY1OGRmMzE0NjU0YmVkOTYzNzNjMDgyNDYxZTMzMDVjMjk1OTRhN2ExOWM3MDRmNjZhYWQ4YmIyMDgyNjhhYzcxZGNiMzU5Yjc4MWE4YzE3ZTRlNTQyMGQ4YzRkY2FmZDIyMDc2NTFhZTY5NWE0NDMyN2I4NDY2ZjFkY2FjODgzYjFkYzMwMTAxZmNiMDRlZjBmODhhMjY1Y2NlZjFmNzZkYWVmYWI5MzY1ZmZiMTM1YTU1Njk5MjIxNjhhOWE4MDNhZTAwYWQ2NGRiM2I0NjgzNTBhOWVmNmU1NmU3MjlkMWNjZDM1ZDkyZjA3MjdlZmE0MzEzYjYzNDEwMjgwNWYxYWFhNDljMjQyNjFlZjgxNTVjZWY3MDZmNjFiMTQ4MjczNjA2MjM1ZjZlNjRhZDE4MmUzODhjMzY2YzA0ZWYwZjJjOWVkODA4NGZkZmUxOGVkYjk3MzQ1MjEzN2IyNDkwZDBlYjdhN2FhYjA3MGI4NzA4YTczY2FlMDlkNGUxMmExZTNiNzkzMzBhOTBlMjk3Njg4MWQ5NjE5NjJiNWNkM2JkMGNjOWNhNGJiY2FjYjI3OWZlNTQ0MjM4MzRkN2FjZWEzYTFkNmMzMDUyM2UwMGZiMTJkN2Y1N2M5ZjFkODQ1MTgwYjM5OTM1YzMzODNlNHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com&t=jsonp&c=wwgasevnnyxvuyfb&eu=https%3A%2F%2Fwww--wellsfargo--com--uy49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Sun, 04 Jun 2023 00:41:03 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=rggMAw+CLQfEx5gKAZiUgwDOTQ5Pg4AIhw%2fAN1NoM2kdHXz8PubNSvWgE8WCZM+m; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:03 GMT;Httponly; Secure
_abck=C609036B38A1BD67CBD554728484D14F~-1~YAAQvgplX855E2uIAQAA7rbZgwpXOY5W7QZnIeu+sJratuAbwc2+3u4dlhemd73u7LxW5clWqdinxHX0SllEU/0XYPtGcsRCs5MuyYe9v8Ask+dwjAPkOyZAkWQg5/YrMbKsCnoi6KwaOXHMerm9zYbLovpByl2gpV2h4aa6EZPr/FZm7YoBYkWUW44d48RKT0ChcusLrIjhrpTUl7VqnBClSwyouLpd03rwn4eciLF0wZJ9dtBQNMKYZkkgQZh5PO3l5g8vNFsnCBJRM4eMjyOwd7FFOPfr1d62XnvoRcvUsaG0CNb/3Hspw1RVyQfCpTOQbZMC+ycc2MQ0NgV+iWbstkzeS2UDtTZQKM+FuXXpIsDhfs98gxaZv3uIYhgO~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:03 GMT; Max-Age=31536000; Secure
bm_sz=ED747A0A27455F38BE116C00A48948E7~YAAQvgplX895E2uIAQAA7rbZgxQvikXhO8lVkI1nqFeB1mb3ReZ74Z6JYaS5H6cEwPKGIWuVGM5c4MmhhjZtzNI7oQSiLRGhiJ/Ig0YONouOVBswr7sc4VWGokIQtCuA10Ot1iJJt7jgnFQdzPbY5E8M/DGqq852ht9yv/v6LZf8tBvEuUBFDmj+lIQTw0mnEtV6yEQ2m5+LXZiYmUxO8fcFAyvB6kAm0Fmg/6sb4PhyuzcYk9KJFEUopf3kL7MwCJGsvushCEFywZiXta2qy/64FDlKOf/q5AOqoi1LgcvkcKk+7V6Z~3290935~4535618; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:02 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash a2975aeb4faf54e524f793e97570bfa3
42eeeb67fbaf340b5cadff4abb5e935f6c6f78a5
b17eafd385a3f569437425bb617994c656467bc920ac12634b799f3a0fa13169
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2046
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%2C%22c%22%3A%22d3M5TFBVNjk2OGtsV2dJbg%3D%3DvjomJxBw9Aqyq-8Lzddb_YRuF4ZSbfvbwxJEPVDiRU8B_ge_q4hLlvf0Y9E8EVMtKd3gLj6uixPZ8Rf3bVaZOFi-70oZM1k1Ulc%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0; _gcl_au=1.1.475756857.1685839261; _ga=GA1.2.710800333.1685839262; _gid=GA1.2.285820534.1685839262; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:126eea40-e4c6-4ac4-98d4-fa220803de80|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:52; LSESSIONID=eyJpIjoiMEJ1bkZ2RTlyOERXcU9VMktpaVYxUT09IiwiZSI6InhGTUNWZ1hoRTVCeE1rME1ZaEV2N3FEd0RrNGxzTlVqK3YwQWp6R05PUUlLKzlaM2xHdGJIejJLVnlkQWxaeHJjNnZnenNVeStPTllaczh0YWNWM2FHZDI3MVRnVzNJMmo1dlpXOE94andBRHRhektHZ20rQUlIbjlHdWh3c3A4Y0hGY0FIQ1FxZndiVWRJRTFDMWQxUT09In0%3D.b219a4c7c8e72556.ZTQwZWEzMzA4NzU0OGI1YTkxN2NkN2JjODY3Njk1NjE2MTMxMTQ4OTc5MTllZWUyOTM4NWVjZjYwZjBkYjFlZQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=8EusRlcoZuO7aTxGXwT4u+DY6xWp7feqqa2LzzSvCeW5srrQFbF4MJ2aMD5jj6j0; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:03 GMT;Httponly; Secure
_abck=A8A1C7387A1CC6CCD0AE4D5B63CEFD03~-1~YAAQlNAXAiM64naIAQAAQrfZgwqPgX/uEVcaNLt3vnKe7ut0WXg7z+nAUFRdxBpQ9P8FDJWq3oJ13pT49CmOXBs2KvI3b6cajvVZMzsBUGJJaY3HkoKdMghkeQbgV9sYEuCLjo8OO7qCTVrrzQyR0shLsfHaSdF8/h9uj906iSCv4pOwh106s3zgUjuGFtSE+Hb3ytrDsrg0rJWtDaKHrEu7ECczmmXL/LBeZCYhh0RkqauAiapFvK4RgpOnqwqDkLqgFNqI9wGvgxZFDnf1BbdpJFLCY6e2+VBtAcr0BQJHoeQt+jZDngiytcQjUgputSyZzc1Hpr8gqXZmaR0Jb9IR7cjMftaLBONpPhN6dORQG97C0Vkv4dU08/PT7TT8~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:03 GMT; Max-Age=31536000; Secure
bm_sz=755E396EE931E9791E148F2F2C77CEC9~YAAQlNAXAiQ64naIAQAAQrfZgxTYAR1OtTsjt3v4SlevA3SEl590ugjY/O8MyPBJwEXJvx3lWm8rtE/O5oGJjwVOGE3DgtjNEea29rkFAdROBfxC3pZXGep+Xg4elo9Nki0fInVj5/Bo70MXnHJlYp4qKGACNRDsnMZzedAPg9neUlrzVyrnuDThTyTCesYcL6E/+n9mTEQFJ9tWEqCf3tRBu6S8T7rW2O2NKtZVfdPb6wMegmoW5qGd2gA7y85UcJCVURVa/ZYA8qmRBOc+6GT96z6EL2PVbAyMsxftkzJMrYlNgVKn~4468785~3356738; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:03 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9f_kf173_12434-19063
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b030d0fa710b5082d58df4f7b2a0e76
ff742f16242082cb414d2888be7501dc7129dcab
e8331ea66e7a22246621a80e6a5f41e30fa672398484c76009618a69768e84ff
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk%22%2C%22c%22%3A%22d3M5TFBVNjk2OGtsV2dJbg%3D%3DvjomJxBw9Aqyq-8Lzddb_YRuF4ZSbfvbwxJEPVDiRU8B_ge_q4hLlvf0Y9E8EVMtKd3gLj6uixPZ8Rf3bVaZOFi-70oZM1k1Ulc%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AZ%2Fde2QAAAAAiRXlvx3PVFz%2BE2YM%2FakG%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0; _gcl_au=1.1.475756857.1685839261; _ga=GA1.2.710800333.1685839262; _gid=GA1.2.285820534.1685839262; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:126eea40-e4c6-4ac4-98d4-fa220803de80|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:52; LSESSIONID=eyJpIjoiMEJ1bkZ2RTlyOERXcU9VMktpaVYxUT09IiwiZSI6InhGTUNWZ1hoRTVCeE1rME1ZaEV2N3FEd0RrNGxzTlVqK3YwQWp6R05PUUlLKzlaM2xHdGJIejJLVnlkQWxaeHJjNnZnenNVeStPTllaczh0YWNWM2FHZDI3MVRnVzNJMmo1dlpXOE94andBRHRhektHZ20rQUlIbjlHdWh3c3A4Y0hGY0FIQ1FxZndiVWRJRTFDMWQxUT09In0%3D.b219a4c7c8e72556.ZTQwZWEzMzA4NzU0OGI1YTkxN2NkN2JjODY3Njk1NjE2MTMxMTQ4OTc5MTllZWUyOTM4NWVjZjYwZjBkYjFlZQ%3D%3D; ndsid=ndsamtxxv65gq4nligp64f2; _imp_di_pc_=AZ%2Fde2QAAAAAiRXlvx3PVFz%2BE2YM%2FakG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:04 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=JjkDFRNEnZc6vOIeGN3hjqZrB3icKnCucGibRHJ3DHMarNAOMIYmrBBGR6Uzh3p%2f; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:03 GMT;Httponly; Secure
_abck=47BE3BE38881E0A26F674EBC3A58DB02~-1~YAAQlNAXAjU64naIAQAAMLrZgwrry03v1dTovrJP6WU9WeF3dcKthiUy04+LfaRM+xntSo0yZTNUk8xg8Q3YBR8wXr+ZGrdaSN1j5T54c+l9HYyfqTUfEi8B8Ecfx8kFyUomxykMWtDID6diC6aXG2KvFIIvk1q/7xbQqxB1CnAccSypqgDkc9ibTQ7o3d0rtlrwTkRPSd6i9H8KaRwXZnep/yWkunKK9J6CxllronsstsgkG5PqTza6VAei4CCb9kx2pngkYm2+6BfbaFxsRIMbK14E8VgJaAPzT8V/5PlVt1UwmglCVDM+x7jdhCwVsbdd+4HIK4WOfgGGAHafsNmiz1+JVqVbDXmlJoKAUn/fjN7zAX2Xzd9R9GDVvySm~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:04 GMT; Max-Age=31536000; Secure
bm_sz=58E31CE61503DEE0FA4D86A5C9BEF602~YAAQlNAXAjY64naIAQAAMLrZgxSCyr1hFliVOCv4wlfHfvRdmqg+2nkB1WZvSYMvRZpuVCxmPtP+yWYAjsky2fNnj5eHPweHMb5kXiSZELFMVH9PzwUGZAboVkugAIgxKyFGsJXgpsfFP7F0xrpCv8stQq0OCGG8+QQJtmYZvwyEfo5BAgGe6hJlrz0L1cP7570o20P91g8IkVR3faJMr0Q+qkVDzhJMG47rVIIjPatGLDvb9p7UwzUHB8SHFyu7nUB2Kx8dIZNUQGeeg9N2LDbx3iSo1E9HwzTnkVQgCpQwn4mCyLfJ~4468785~3356738; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:03 GMT; Max-Age=14399
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdd9f_kf173_12434-19069
www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--uy49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--uy49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!LGbfrrtZroz11Fms0q/LsATxthJGHtKi9g9A0rkhdZLhebspGell4xCZRRFxYXTUtwzCwN9rz/Sk4Aw=; utag_main=v_id:018883d9aab500133db931e233f105046003700900918$_sn:1$_se:2$_ss:0$_st:1685841060685$ses_id:1685839260341%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQEYee8uojTF8CmqhCzjvoQfAoy19Q277V9AjmXvto0%3D%22%2C%22_s%22%3A%22RhsOBZFk8CrPLgy%2FyScFmX7%2B%22%2C%22c%22%3A%22d3M5TFBVNjk2OGtsV2dJbg%3D%3DvjomJxBw9Aqyq-8Lzddb_YRuF4ZSbfvbwxJEPVDiRU8B_ge_q4hLlvf0Y9E8EVMtKd3gLj6uixPZ8Rf3bVaZOFi-70oZM1k1Ulc%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AZ%2Fde2QAAAAAiRXlvx3PVFz%2BE2YM%2FakG%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%220nQ-t2tF_FGxOj50ip0CyA%3D%3DXV0xmSJ-Sv6f3cwyfqA7xJjV9V43Vp6wW3PoiF0Bk3pRpc6HH2VND6JKBrlYG5en32NnjppVGrAUIgPsOgymaFfuWH-yBPJl835JkQ9Fg47qBLR5bTNfPZR4jO0QmArrqp_OtSTPHY7Js9_b--kzWI2peIGWA1muB2NwxDHLvHzRX_D26wfCUQYA%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAvmT5heg1ngO80E%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C24031283859871537406235725554954174979%7CMCOPTOUT-1685846460s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!7vREW5AtqqRWwjMMntjHYqEj2JIOPE2hsQvz8qaZoMQVtvHCGlOjiaovZoazM/iRZyAbBC1W9/SNGd8=; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0; _gcl_au=1.1.475756857.1685839261; _ga=GA1.2.710800333.1685839262; _gid=GA1.2.285820534.1685839262; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:126eea40-e4c6-4ac4-98d4-fa220803de80|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:52; LSESSIONID=eyJpIjoiMEJ1bkZ2RTlyOERXcU9VMktpaVYxUT09IiwiZSI6InhGTUNWZ1hoRTVCeE1rME1ZaEV2N3FEd0RrNGxzTlVqK3YwQWp6R05PUUlLKzlaM2xHdGJIejJLVnlkQWxaeHJjNnZnenNVeStPTllaczh0YWNWM2FHZDI3MVRnVzNJMmo1dlpXOE94andBRHRhektHZ20rQUlIbjlHdWh3c3A4Y0hGY0FIQ1FxZndiVWRJRTFDMWQxUT09In0%3D.b219a4c7c8e72556.ZTQwZWEzMzA4NzU0OGI1YTkxN2NkN2JjODY3Njk1NjE2MTMxMTQ4OTc5MTllZWUyOTM4NWVjZjYwZjBkYjFlZQ%3D%3D; ndsid=ndsamtxxv65gq4nligp64f2; _imp_di_pc_=AZ%2Fde2QAAAAAiRXlvx3PVFz%2BE2YM%2FakG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:41:11 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=n6+Vf%2f7h19ItpVFfr1lYNtN7mbTyJGP3szKEDZgDphuAdBFBa2XPXG5qB2CbWULI; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:10 GMT;Httponly; Secure
_abck=41F633CD0D3B21BC7EC6E0372E2AEB30~-1~YAAQlNAXAuY64naIAQAA5NTZgwqqPn2JVoWD7tMhxgDxcmhCsHdW31xKVGTi3omPU7WqBeHV0kA7DfP/cNPB2Yzo1sTwaw2sLlpVc0frGSluXo6oGBSjSK4soGy2NWf8W1fVrwx9cHAJoQ3CizcNK7hNAXcICVoS1HlwQbvQS9nvt/qh4Fcghn8oNO2QQSHOd1lgZfDkxwqa6MUl/rBpQvsQZfhJwozdPiBVH9zMQJbjUoh4Wv77HxhaCqlPyDlBBrB6+FTOi8TZn3m1eQlnrIZg28KscUYdjfLJwMPBB+Pg4n8A6DqT1KcaC1/kwI2bnH/e/76o15elaRjDO9z7FijpqBsvaY4X986Vw1t2AwLRZM+R5sA+KBYe+aGUUqkO~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:41:11 GMT; Max-Age=31536000; Secure
bm_sz=AF7E0FF572A538AB0072D5A4D0602A3E~YAAQlNAXAuc64naIAQAA5NTZgxQIAbvAHfAdXIge67Z9/H0HPV2hf8Ox0xIPy8x7CcJ1g4Pgega0cp/wsHcbxUtyTztyxcty9cq7pDOlGbQa8b4LWCO6bYK5ko8peh9NHGneicmlVckWoRTZf6l7m27menaDQl/Goz/P14PLA5oL6E5qDsKRlrtO5QzLLgp1xeL141RAcgksmqNZv1wogrjBEL5yNwwMLxVJNWNtPA+J0nYmEJO/i5B4X4vxPz2s/nF4IY/LY+vdXWc5fsYc4Rzgl/fKll7DruPkASNqSJDueS4dT+kT~3487536~3289652; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:41:10 GMT; Max-Age=14399
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bdda6_kf173_12434-19142
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
44.229.148.127200 OK 190 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 44.229.148.127:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 5e7a6fa33c18c6d1abf6445a22022ddd
2c44edd015155780fd611514d79cd5587837a272
7bb49b1c712c39e46a1b8ccf513d9dfd22e14e568fca658ea373e112324afcd8
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:41:04 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.9200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c7d32efb05f1371dc658e0b366d6f530
8029198f9fddfaf88f5806d2e80e9912b2fd3069
c26c4921b23949c5cf81a6988e75280006a2730cb0bd2a164e4e66115dd755a6
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 44235
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sun, 04 Jun 2023 00:41:12 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!JjVCvq/Zo7zSEfR54TfMmyz5FQ342RUz+KV1+09PNvP4OfnBozWOOMi0p6RKqooVmPRVCzd/avvC8eI=; path=/; Httponly; Secure
DCID=5zogM8Z7eS45PZmyB1g70svs7ZHd4LTUwha91oJe834%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:12 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
95.101.10.136200 OK 1.1 MB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 1.1 MB (1084986 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=i1kDbhpYgfwg4PrMLJafcGLxGLEgyGjGXBYfuFlOul6pOLJTKDZFArM7oTw6UkQq; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=2&cfg=32a3f9ce&pv=2&aid=
23.36.79.9200 OK 191 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=2&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash eb8710876e0b78296af651c490cbb229
ef87d022a2dbee9834e7f74982dc359b4ccfe768
1938048e6b91a3ded6ec2fd219e2cb9006dbcdddf1841adad81bade5f88074b9
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0&_cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b&pid=549c2b8c-29d2-4f74-833d-108675ca7ac2&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34093
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=6bc6b12a-c082-4a3a-ab84-9366ae011b5f:0; _cls_v=2fa56f7e-c8cd-4d59-9cef-455f230a805b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sun, 04 Jun 2023 00:41:12 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!nEYiFp4HxzVil9Iq/D2JHXmrrcNtC+KCnsGUPuy3sD+zuZaHfK1Li133Vy3WCZ1h3+ywnjTH1s5TOw==; path=/; Httponly; Secure
DCID=Ip885P+Xfso7WDIXDhu%2fJ3KA+N9Pxm7fztZKXTvQSKg%2fx4iSOMy+yGUt8ogArSR1; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:12 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
95.101.10.136200 OK 1.0 MB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 1.0 MB (1028126 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:41:02 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=38I8dOf5ZSEbadgSol93HNNd7rsi3NjMwmzSFkPYIHKrxTyGOcn8rTkQxpkAB9Ga; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
95.101.10.136200 OK 596 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 596 kB (596076 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:41:01 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=kJIzSZ5s4YBELzTEsPPrp1VgdK9Y0pn0A5XoFxDL2nbbdf1clF24GPxJnPOh+ids; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:56:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.229.148.127200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.229.148.127:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12847
Origin: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:41:03 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:24182169-4ca2-44dd-b434-a9ecc3ed910f; Path=/; Expires=Sun, 04-Jun-2023 00:41:33 GMT; Max-Age=30
ADRUM_BTa=R:55|g:24182169-4ca2-44dd-b434-a9ecc3ed910f|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sun, 04-Jun-2023 00:41:33 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sun, 04-Jun-2023 00:41:33 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sun, 04-Jun-2023 00:41:33 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:8; Path=/; Expires=Sun, 04-Jun-2023 00:41:33 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
44.229.148.127200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
IP 44.229.148.127:443
Requested by https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--uy49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:41:04 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2