ocsp.dcocsp.cn/
47.246.44.226 471 B IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash cc7daf8ad2058b437f5b81844f35d0f4
3594e814a931af386325370f4f072c03d7d8682b
ce85d1fa0c69c629d2ffa38f0435a3007d682bdeb455e4d9a809472b96da90dd
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 10 Jun 2023 11:07:10 GMT
Ali-Swift-Global-Savetime: 1686395230
Via: cache21.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache5.se1[21,21,200-0,M], cache5.se1[23,0]
Age: 2814
X-Cache: MISS TCP_REFRESH_MISS dirn:1:337136832
X-Swift-SaveTime: Sat, 10 Jun 2023 11:54:04 GMT
X-Swift-CacheTime: 786
Timing-Allow-Origin: *
EagleId: 2ff62c9916863980448708160e
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
163.171.134.56200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash d08d18fa8630a80b8680e215805cde1f
cc3f8a7af558f28c4ac5d2c3d25e0a3d698a71fa
187e6c281884707f00e486357559ee3e325952a71ade4bb52ca39d894def9eb4
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:05 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18965
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-aa3e4691-0cf7-429b-ba60-cfec99853f1c' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18893 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b; Expires=Sat, 10 Jun 2023 11:54:35 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:35 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:35 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sat, 10 Jun 2023 11:54:35 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:73; Expires=Sat, 10 Jun 2023 11:54:35 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306100454051620897347; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 11:54:05 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; path=/; Httponly; Secure
DCID=KVjM+HAvf1m6pwg2ivP1LRPIzM9f8vzUdf5DTVJq9HHH9FkXHcSKUPiLDyU9qj34; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:05 GMT;Httponly; Secure
_abck=CF7137A99956C6793DA5BAE519049F97~-1~YAAQTpbvUBmyTZqIAQAAsQwopQpOmai+1uwF/ebElTydGyBSsaoMJdyGkQOsmopRAWx0ChZ4m3qafLA00+fhnXby6Zfal05U7tvEXFXvUsW+dndicWUDcZKb/SPl5PwDGprEN45wVH3pzow+iotr4hZOxp6DzQ1Y36UWccs/GbLzOlm9fgyrgf6vKhTMqMHUgl6LPhT8XfbMFkvsfwmm6Y+yapyPIiwqH86bBzaMxfXLVL6i6vYpB4+292aRiFsodehmUIU51q6nENsi1Ogin45CUdXZjD6FjIPt/iF0TXXwG7LCeRYeaHoxpPuVwu0gzp2yezEqIWl/XqawkUczpwALQ7hqy0JyDs3gU3pOGPjBlIoIDN7GUq6E47vRT/te~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:05 GMT; Max-Age=31536000; Secure
bm_sz=5857E3D5CD487EA7964B3D1F29E93F1C~YAAQTpbvUBqyTZqIAQAAsQwopRQaYul5YfTy7734YeMermJOQV7u35uZYAfLmRovxM63M2AIOfAljhMwLbpjwtqL0Vag4EQ19U5JwDBJXCmUagSxGlEIlo++6Fi9PNb4c9dXDrswfmJ5mDbABwlE3iRyXY2365r68keLt8gsl8HEn5zATCAN9430cpIfn61K+bcqFqpjtazfic28z5wJvYd0NsKKePBTONASQmRQMobmcnQJs0PJCa42qdRaCgC1DY8FrcIjRORJ6ivVl3/obI6kGb+FYIH8TDpA8gjpT0SxD9pcG5kv~4272453~4272707; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:04 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645c_VM-ARN-01XDr43_17013-17287
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=480875
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Sat, 10 Jun 2023 11:54:05 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=480853
expires: Fri, 16 Jun 2023 01:28:18 GMT
date: Sat, 10 Jun 2023 11:54:05 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sat, 10 Jun 2023 11:54:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=E5pKeI7fhwIJ%2fK3AIM2Tpw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398045600_1600457364_459272_25_7192_3_34_-";dur=1
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
95.101.10.152200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 10 Jun 2023 11:54:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=9d82clRLtslIHEddApqwQg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398045602_1600457364_459276_98_6302_5_36_-";dur=1
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=481062
expires: Fri, 16 Jun 2023 01:31:47 GMT
date: Sat, 10 Jun 2023 11:54:05 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 76 kB URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 0d61b4e4742d5251c44efcd5d8166a2c
04189d5a539c1cc84fee87994097919000f3434b
c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:05 GMT
Content-Type: application/javascript
Content-Length: 76203
Connection: keep-alive
Stored-Attribute-Sha-Checksum: c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Last-Modified: Wed, 26 Apr 2023 15:12:26 GMT
ETag: "5b60948dc39561fee36fa77d7eef5047a16cbdb8b05e43f4f2fbc918f19cea08"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=wP1+rQtqLv9b8bnkCo074Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=52A45FBDAF2904C10ED28EA967BBC1C3~-1~YAAQTpbvUCKyTZqIAQAA+w0opQpZ9o1rl5pW7rITymRVvBNq3NVT/R3acj+2Tcp7Y03QLLm+Hp12qQkk4I/wAXanVhGUBdf1GJhsDgIajo7Iw+SJ/6nESAItQgoB0Y26QSx709f0FaHScrYBrLWAVQnftFHZqK4wmKqv5sVguYeEjrXqRStMcsXd7TYpQ5/d4jI46e78LYQWPTzRYeApro7Cd9z69Ber4xph+0zSAYVvWKYKSB5OJFz4hgBIF9cMVqn00qbkmzvwzy61G8MjyY7uHFmMHRQjL03BiX0gwYr9fHZGfzA+EsAdUe7+db8klQoaZLeOrgNKUTbrTAADfYOQMBCr2ivgrzHlxjfgH6OgKXyReLLuBHnaWk9i8xv7~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:05 GMT; Max-Age=31536000; Secure
bm_sz=73EA3F41B3497767CD0E7B4EBE41CF5C~YAAQTpbvUCOyTZqIAQAA+w0opRR8Jviws9U8HPy02n0g7mr9diqKH9sMlB7MxahE7/mjba+XRwjyTxoSd8RV64o7BWeZ0S2ossH/P05erTPca5vHAdsXDP2SrG8Vpf+LFyFKkxPcl1Tg63DMc0qhBK8e4Nh6zvSB81qybU8mgS0GUnI1q8puCly+m9QaSwYIBDf8sGt1iIq1QIjud351kF2U1q5ghLl9suBu/HNjAcxVthk+QCejOw4foTVv/OR6rWvGRFhW1mWeipsylKTAYwFFsDbmtwRrzONtukz2wFN2l98fof5C~4338498~3753269; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:05 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01XDr43_17053-16320
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.134.56200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 639612224995638b19908ca003c5c27f
8dee285a7b72eff0120b7095f5874ef300155be7
b06999ab5fe0fbfcbae4fcd87dd59688cbdf1cb68023b52fd441f3aefd34db1a
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:05 GMT
Content-Type: text/css
Content-Length: 24054
Connection: keep-alive
Expires: Sat, 10 Jun 2023 09:27:53 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: "6463d1ea-2b00d"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686342736919_400014893_117600927_532_12232_0_4_-";dur=1
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01XDr43_17011-6234
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.134.56200 OK 59 kB URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash a933fdd4ac4b1b509156b6d8e5a3f6f8
333f8eeb5ea0eb2f178eb84e2f05889ae6003d24
6097c62137472315d46a883ed1c7f75f8f3ca70dab8a485f39a02a0ab92b906d
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:05 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58984
Connection: keep-alive
Expires: Sat, 10 Jun 2023 09:27:54 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: "6463d1ea-2d1ae"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686342737187_1551625750_371152899_24654_17871_0_43_-";dur=1
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 VM-ARN-01XDr43:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01cnE31_22203-59475
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.134.56200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:05 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sat, 10 Jun 2023 09:27:53 GMT
Last-Modified: Tue, 16 May 2023 18:56:42 GMT
ETag: W/"6463d1ea-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686342736963_400014893_117600996_1050_11327_0_5_-";dur=1
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01cnE31_22143-44690
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.134.56200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 24e2a784ff926c87492804b1ee002505
28227f952ca5fe3d24a56d3d460977d77e0d23a6
2dbc422463b2a43eaf745f401feadfecf5c1142d965304775c2f2aead00617d7
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:05 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4283
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 11:54:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A-INKKWIAQAA-FY0oGmwybqI5mK4Bc8HKIytZvYk3jdRtJI8O-nnxj58wC_KAaOrhiucuNk0wH8AADQwAAAAAA|1|0|beab480acd728f8a5c235549294ed23e61c4df9a; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=dTOO+x0JrTBal7bH+KESMXerZ8ZHeQ3ZFaSdXe0NqsREQKJ226zifdimSQY31bB9; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:05 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01XDr43_17013-17295
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15089482
expires: Sat, 02 Dec 2023 03:25:27 GMT
date: Sat, 10 Jun 2023 11:54:05 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15093364
expires: Sat, 02 Dec 2023 04:30:09 GMT
date: Sat, 10 Jun 2023 11:54:05 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=14985652
expires: Thu, 30 Nov 2023 22:34:57 GMT
date: Sat, 10 Jun 2023 11:54:05 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15094246
expires: Sat, 02 Dec 2023 04:44:51 GMT
date: Sat, 10 Jun 2023 11:54:05 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=14985655
expires: Thu, 30 Nov 2023 22:35:01 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2436
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 11:54:06 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ls0c%2f7sA+pMzqimx%2fCYTzg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=ls0c%2f7sA+pMzqimx%2fCYTzg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=C83B281E8AC228CF573FAE44AB221C94~-1~YAAQTpbvUC2yTZqIAQAA3g8opQp9TYAlbXz/bYOF5txha0bUv994i2XYeu8MS+KOMuv/QsDN8TxmWXgB91l9/KeUaYa667oGkPQPvSavwAHaW2wIQIKdcgotba5dgaVVmyIVh2k8t71oPZ337nmFVvze9R+8/LkrwkWSpnjpqKmcTyOh27ZkDHWEAFDU1z0C2kg/zAsjnnMvt9+HRGCCTJoo0g+lECGdWiC0FQJjsK2Dr1gsK8TFOqLAHzdFTTx3YC6nP1mZV8u06/prM9Hx2yjeZVbIEWqzk4mxGdoVe3+YpmVmnzNEn+dxhgpsnyc3I7m2aTEuIx+WgwYJC6XMLHyJ9NdRmHMqi1itZbY6F/6TBR4cH1Pz/IhJPLRrOIAI~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:06 GMT; Max-Age=31536000; Secure
bm_sz=E66332C7677E9095BF15D38FB9EA1A47~YAAQTpbvUC6yTZqIAQAA3g8opRSEOAm/0R42MGVSXTtUQ/AjiUo4M1XiIBfJ2hcVuZUBADyOHEonewCg5OK8TqJ34MS7TfPE1S1jkeyX4EPN9MfEl49sUDcQgUKUcM0dmDqgrMvXCeBPLwqBowOWFG/OlY3Ia40ntrZqDTR9YLpJzqYbV1oiyIo5bkzb8p6o4C70AcnsNJZHmIO5OD5IFvxmI+i9zinBFfeO1QL/tYfKQsheA+kacwp+knYel2gw2z95pSg/6UyPi+FUrPnDPGuQNux8JtsVfrQ8WbgDv8t7OKTRVjtr~3486515~3551288; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:06 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645e_VM-ARN-01cnE31_22143-44694
c1.wfinterface.com/tracking/hp/utag.js
95.101.10.203200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sat, 10 Jun 2023 11:54:06 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=udMgRF9PcvZUVx9Egn6ODg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398046110_1600457415_28156224_14329_6919_2_9_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/target/offers/conversations
163.171.134.56200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10800), with no line terminators
Hash 4fcab3e32740f89b332f691986d571b2
2cb66e7536da83198a3e22c9480a6ffe07e60ae7
153d9a528f6e9add7ac1fe6161f95c0f279a8d2f2082353818d245f75df8f25f
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:06 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2114
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nuance.com; script-src 'nonce-fe7b19da-792d-4e5d-ad66-f0bd5b65e3e2' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:73; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c; Expires=Sat, 10 Jun 2023 11:54:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sat, 10 Jun 2023 11:54:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:214; Expires=Sat, 10 Jun 2023 11:54:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230610045406454984625; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 11:54:06 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=53348C7A56472A3B5319148B7924F7C2; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=M3OBjVotBMk1C8fzdBjBiSvyhuWDofoqJ7N+kN+FrHU%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:05 GMT;Httponly; Secure
_abck=DFE32488C37CD2158B04C57BF6E72626~-1~YAAQVZbvUBXB2J2IAQAAdBAopQoVkDcF0dY+GwkZgL/BlHh7jJw/nQOLKSVmCP9nKbOwG4Ig3z2wbtKSGv3Cu2WfnJOrgDFpqbe1+9Eq7w+gmst3B9Xanniqw9E/k/z8IxGueACR/DzgSkCdJmkCpqyOLrk9aPmA622tif9ffjl4N2XDl2URv5s4D2L7hIs6eTKZ9Numw3NO4Q0BM+It00f7bQoy+yc+yauQjjE4twOVJtE+fmP2qEusR/hGgDWjOvOnOMAkpvyEjPHxmH7mFtU+qI1sxXl0fUZfXjZfq0MjZz6WQvVRM5hWSY4qDM5WWcA8lz4W0YA27WdxCp7+svobq/YAU1ny8loggomenJOtBg1kuidmvxIfCurBcIpb~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:06 GMT; Max-Age=31536000; Secure
bm_sz=B853BF8D8FE95DD3D682E1F346974A0E~YAAQVZbvUBbB2J2IAQAAdRAopRTgxL5SbDdRIZh9M5k4uKTI86LkRx90OQN7qR++jQhjOc/XUJPrbnMav7OT+wuif9JsHnmJ7z6QOrlQgyuMurGAxWKHEOlZycoSNqt1FNiGLHGblqJ1m3QHQWPHhQnQ+uOgao6+odbucIYvT5IOJr+DaQ/3SoQfnRYQ/u2CEZXgw3Sx5qkuufdmqlC9hiuOaOj1Qm+d0Ns1rLUyeh5kASTJ8xc1OTkdbYVO8zfi6tGamyGRTwGfx3wQnBc+t7zVMCR074dmp/2qB4LTAFwNG5KgVe83~4338498~3753269; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:05 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398045892_1357878869_140378383_42142_7013_0_-_-";dur=1
X-Via: 1.1 VM-ARN-01XDr43:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01XDr43_17011-6237
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
104.110.27.78200 OK 1.6 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash f4ea54d2de3587734104a7fe6ac34593
abb69048123b667ad90dcba04da4f08a4a4aeeb7
e802f40411f32bc8331100de87c647c70071bbd2e29a44befcd52e48c6020205
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63f63d12-aabe"
last-modified: Thu, 20 Apr 2023 01:43:32 GMT
server: Akamai Image Manager
content-length: 1646
content-type: image/avif
cache-control: private, no-transform, max-age=481849
expires: Fri, 16 Jun 2023 01:44:55 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
104.110.27.78200 OK 13 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7d601c2b059838fc333feb0e3e020fe1
f57bc430ce2a2b0c146e8d573569367c6bf75bc3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c53-e73f"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 13330
content-type: image/avif
cache-control: private, no-transform, max-age=480958
expires: Fri, 16 Jun 2023 01:30:04 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
104.110.27.78200 OK 25 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash bf978a151ba3f10a7412e8cd5fbdb863
2af8e9c16c4f1e96ba1e86beee63521c802c2cce
ac555d446e447b4c8cf2bf2dd377d53c3b21faf83da3259dc8839c782eba1d9e
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6350580a-d82f"
last-modified: Thu, 20 Apr 2023 01:30:23 GMT
server: Akamai Image Manager
x-serial: 1019
x-check-cacheable: YES
content-length: 24880
content-type: image/avif
cache-control: private, no-transform, max-age=328415
expires: Wed, 14 Jun 2023 07:07:41 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=439336
expires: Thu, 15 Jun 2023 13:56:22 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
104.110.27.78200 OK 44 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 9534a04615e76afcd0a4dda5cdf8dd7e
516d3a11907386abf70170a54409523592c068aa
d7579baa6c30dad3cc501d73364183349ac085fcfea7c2af16aaa11532bc5907
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505837-def7"
last-modified: Thu, 20 Apr 2023 01:40:39 GMT
server: Akamai Image Manager
content-length: 43802
content-type: image/avif
cache-control: private, no-transform, max-age=481636
expires: Fri, 16 Jun 2023 01:41:22 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=480921
expires: Fri, 16 Jun 2023 01:29:27 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
104.110.27.78200 OK 562 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2bcde1c3190b4af34b91259d18dcc641
3e6b6735a8876b4a326648142fab032a8bc57999
de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4d-769"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=480945
expires: Fri, 16 Jun 2023 01:29:51 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/active_cash_refresh_hplp_1600x700.jpg
104.110.27.78200 OK 16 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/active_cash_refresh_hplp_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d516a96491a0b33b47c2e49db6b8a5c4
93b1204339bf66f79f6a2d6558c626d7abbf61bb
f40420b950b0cc7bee20904578f6cb4bbefda6d2a6a73bf400f9579da4401243
GET /assets/images/contextual/responsive/lpromo/active_cash_refresh_hplp_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62d96afb-178fc"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
x-serial: 1184
x-check-cacheable: YES
content-length: 15795
content-type: image/avif
cache-control: private, no-transform, max-age=459271
expires: Thu, 15 Jun 2023 19:28:37 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=481000
expires: Fri, 16 Jun 2023 01:30:46 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.134.56200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:06 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 11:54:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=DNXJVlHiZ5rys%2fNAYbRTOnabPtxHH3R0Kk1mWL%2f2b5QOP%2fjaCTszjYSFDCxRmkNy; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:05 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398045885_1357878869_140335260_21817_10455_0_-_-";dur=1
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01cnE31_22203-59477
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=481188
expires: Fri, 16 Jun 2023 01:33:54 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=481303
expires: Fri, 16 Jun 2023 01:35:49 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=19018
expires: Sat, 10 Jun 2023 17:11:04 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=481048
expires: Fri, 16 Jun 2023 01:31:34 GMT
date: Sat, 10 Jun 2023 11:54:06 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMD-EaWIAQAAmhTN8MPXQGETl7Ca2de-sZ_bkgPP3SscONC8TkPeQvUrhMyq&X-G2Q3kxs3--z=q
163.171.134.56200 OK 149 kB URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMD-EaWIAQAAmhTN8MPXQGETl7Ca2de-sZ_bkgPP3SscONC8TkPeQvUrhMyq&X-G2Q3kxs3--z=q
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 149 kB (148577 bytes)
Hash 993e6b8583265cb5cec54804d8efced7
36f6da085ac133fda3252e5436140af98ae5e167
27bbbbaf4ec78dfe06e0091ab377aacd8eec2adf4ba59c9bd47b0dd37055cb21
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AMD-EaWIAQAAmhTN8MPXQGETl7Ca2de-sZ_bkgPP3SscONC8TkPeQvUrhMyq&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5dbae6d4-bcd4-4997-af43-d2787d630b1b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:73; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:06 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 10 Jun 2023 11:54:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=AxAPKKWIAQAAvRTL3wq-_a989L6JZkkMoElJoAjh0rZ-G_SS3ZdTqORwGu_rAaOrhiucuNk0wH8AADQwAAAAAA|1|0|039bf8a38fbb69b622869910421456a82521f414; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=GJyHBhlbQOrKCwQdKvLuAwPjRNCj6jYaLiFPe2GQ5I52vwMhobaF5Bth8krveYM6; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:05 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645d_VM-ARN-01XDr43_17053-16321
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2596
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:1$_ss:1$_st:1686399845811$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 11:54:07 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nwBHzbMxs9KvSo51dJkr5A%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=nwBHzbMxs9KvSo51dJkr5A%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=FCF831FDF01D03D9482AE6A4F7600206~-1~YAAQTpbvUDCyTZqIAQAAOhMopQp9j+uL8YRC6/B40v3GemY8eVKpDO9lUAJnhpLMopMh3Fr9tz8Vca/vRWFxRUZuafyvjlVwdIPUBlkvWTXw7CQWogY5qIVFyLDlsC/mvUqDKwBkTlP1IE0tDNvWKOA/kdqHUpLRwlt9z1Bc2tdSxtRiIcXQhi5ggdcyr/F3UIdjEFQFdxKGdILEgwJ4XYbNCHznJYtMMvQLbq36Ptz92jMJGlUF+gSCveHONvB58NPCeOfvRvN88Zsuzrh8D0vwMekhObr2Lj/pyxlqCiuxwjfevrNoSTNSTEbqgGuq7N7UL0b/N/acsM/Tg1Vjs2G6Nt6gTek31iJwu7xcIl6PJc30kiibzpLkQ9+4jPPe~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:07 GMT; Max-Age=31536000; Secure
bm_sz=848F5B7726C58C992D3A3E2219375F44~YAAQTpbvUDGyTZqIAQAAOhMopRS99ssFapw3ldSj3aZZ4qDvecSQ+M5rdFIxDfAIAdBX6f/7qiHvWMcntYrJBV8qQL766ZlBKu5ddKWl5AghrArbY4xRr1qBxfvLEItbFEApOtwKh/IZ9yBhILWWayvR8KOFnN8Ttw/J3FPP+Bo+F4xa6MDL1E0Wm6SPaqabtLeQ1DH5MYnjkME5JZuMg4Fm/0mt4lMN9eWt4pqNsKQXuXMfOoMrkcvgXJk7a6MfetxVsFtw0OwGQR4m7V6fbhmjO2mW+5vZhgQ8IWhBnJInSoiJPFgx~3486515~3551288; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:06 GMT; Max-Age=14399
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645e_VM-ARN-01cnE31_22203-59479
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=375792
expires: Wed, 14 Jun 2023 20:17:19 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=481015
expires: Fri, 16 Jun 2023 01:31:02 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=480877
expires: Fri, 16 Jun 2023 01:28:44 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=481003
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=480879
expires: Fri, 16 Jun 2023 01:28:46 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=481160
expires: Fri, 16 Jun 2023 01:33:27 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=480897
expires: Fri, 16 Jun 2023 01:29:04 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
163.171.134.56201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /v_EygJB5GsknpaWTvIAAC_C7oUg/YObaNrDwN6h9S1/dzldXmhnIQk/byJnF3V/sWSk HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2688
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:1$_ss:1$_st:1686399845811$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 10 Jun 2023 11:54:07 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=2%2fatz1LLb+9M91+KvahQow%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=2%2fatz1LLb+9M91+KvahQow%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=5FFC6E4E7A49F9D7003099E0F09BCE07~-1~YAAQTpbvUDWyTZqIAQAAuRQopQpkakPdVNLmNFDf1Lxw9mTubqdbXct4i5f0mltdqWBPsL/AkJ+ReMHusDrwOByuNpArEBzvuOBLUEb5TWHqOks+DptNS6YjfMeSLF4/YGgRLtyJztdMedDNY3gC3abg/9+fdwzXL96QWBKPjWfz1u9p4ddMf9jzHw9d7o7U3XlZzEQRJNI29KuS+Kmllnz0upzJsUHVLNAiPFjx7kn4TYHfiELDh39p/6/s7YqK/1wPrYH7FVZ9PKYJ9Ub+NauglQyQcO6I7iXFAj9Y9zhPcFtCKpLiqqtE9+9+KQ7WazTD9AJnV7NK4elifhyT3OwdGgL8IdPf+LHum13M1v7RoD5wZqp/8EZcQE+s9Q0i~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:07 GMT; Max-Age=31536000; Secure
bm_sz=540A949C3DF14E87C961D00FDBB3919A~YAAQTpbvUDayTZqIAQAAuRQopRQFSCyROsXNFnqTunyYRiEqpBbh8mAF+RaFIyd4S5FMid6J4pJPABHOzzlAwuN/0s1Kq/fAX9hn7wZKHI//5bManiwf4u2crViMMK7NveCUrZvY0rtpkuJFn89Xjpnt53PNDMagLPpYsN427GHHyEQD+LnblStO2/i5Ziju/XXmnTisONjaO8VkvNTkBNRmNing7/9gkk2KT0tNilFw1IEuoOAqnZ1nQxXrxndp1g5zLlZvZxcu7WGMIg64I2xpfy/1en3EQE9wRNsjpsys5XGl4QNl~3355700~4342341; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:07 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01cnE31_22203-59485
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=480845
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Sat, 10 Jun 2023 11:54:07 GMT
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/gb/detector-dom.min.js
95.101.10.203200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=rrwJEw7kRPeF0c8YV0e95A%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398047509_1600457415_28156277_23_6284_0_0_-";dur=1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
95.101.10.136200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=7MAcM5iyDnmlE%2fn7luhF613MUNZvX12%2fHr2oCc+lTgSrOk3+2OdX7ZgUOTZHb5H+; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398047404_1600457348_51252845_16329_7017_4_14_-";dur=1
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
95.101.10.203200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=YwbbUPIM4MqemAqCxUMpLw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398047514_1600457415_28156834_11185_7086_2_16_-";dur=1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
95.101.10.152200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Uc469kH4AGJF2GhrfU8aIw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398047716_1600457364_459284_53_6242_4_0_-";dur=1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
95.101.10.136200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=iv1m78QgdPTCouJ3Q6qdTg%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398047728_1600457348_51253007_71_7284_4_11_-";dur=1
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
95.101.10.136200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tBfWOYZpLc5YJ0jW7Ex85w%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398047726_1600457348_51253006_885_8110_3_13_-";dur=1
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
95.101.10.136200 OK 151 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (151277 bytes)
Hash 4a1d3c9fa67903ba81901509ae07d06e
085c5524482fe1ec5681ecfb7e1fe2e129e7a6a1
5c8b9e9a4ff113022c4ef9c8bb894c66f16ac06e425847ecb7a72cb8c5e082b7
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 10 Jun 2023 11:54:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=Aw4VKKWIAQAAhEeoSyy80jCb3fLyLWbcfaz4b0IcUiN6prIXhTWXAf9Tr7buAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|16a3c673c3153fcd42921aef040bdbb6b328b374; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=X68F+ikh9JdDa%2f06N%2fkZTiZTEWOgJZAYEB2o2KyyCaLDBA1ROti2y2sBE1PA9jXg; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398047401_1600457348_51252844_22624_6726_2_16_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.134.56200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 2a223fa76993515651d98fff9c733740
5a34f37939cb99fc6c1673b8cb9837154b3fb825
b3f7f99261f376be97d19a1184707f9c4d7c7be8503103714b973bd3f6d05f7c
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------162845152719263018192623564214
Content-Length: 171
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:1$_ss:1$_st:1686399845811$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:07 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=27zNebjJrH5lOy1JzROdJ8gfoZPRleDvhfBlci1i4YaU+FTbf85twCiJ3JRuO+oC; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
_abck=4AEC0B975CFF3FD51748466F02DB8415~-1~YAAQTpbvUDmyTZqIAQAAPRYopQoqABgXuJNcYYP67VXkx1pSqEdpHsW542wNbxJt+aMy+JVrnfOVhp2HqxuONSaXMuVBfgYo61cXi7RpwpLnSzRHbDvqykrymn1ZBLlRh5CXBe+9zhy1fZ2y3z4XgqfXMXF7hv9KfhHxaBygzEOXg2L+ofr0uT/Hxm0+QlSFGLBh7j8lSrfHFN+oM15D2V3HfJkIQT+vTSWt8sVsmIRatL7BhuWjmlnK6hS8lT/AxC7GyeJAa+/3eqszBUFfK2Nk/lwyAjJ8qE2amgNfIQQ9KnM6uEes+D+uin0kePJm6/wk2cJlYk2mzZTysgA6VuAppq/8ay0jxNWziyRMIck0YRiZYLEM4Y04VyVsZd/W~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:07 GMT; Max-Age=31536000; Secure
bm_sz=B680CCE98FC311C3739EF5312864ACAA~YAAQTpbvUDqyTZqIAQAAPRYopRRouySlQaSMmLkfZ2gNCStaR9bvhhyTAQJYi+AbZ9vYM8OtRJXrqYX3Fk4XixfKGGA6sZ29x7DMdKW6Crg8047OXobfebX4kot+/CcYRYWaMuzcDuny1MJOBgN04rMWWb+fRKyS+6kdXqi3f3QOj2ESryCU8YcCUAeL9ytiNNLBaVQmHdyfqo72oVQetpiZMlcgRHZFEQIOyhDX7RiAt0HA/qNzsOseIdPc72OiAS3/9zWyhYl2uoDxFm0Oxmnqq2Uq5MvoHcvhUgyfuM8xdMKqX8o8~3355700~4342341; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:07 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01cnE31_22203-59489
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
95.101.10.136200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=bHXoNQ0FOrRibyMRWTDT5XRDoGZGXvEtX3DSKac1QN8cvc1zwUjYs0opV7Cc1SF+; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398047696_1600457348_51252989_15606_7082_2_21_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047107&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047107&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047107&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:07 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=nuchW8+CUky+Ls3xf8AcwftShtNBK61v7gKTNvPEj4M%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01XDr43_17053-16329
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047145&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047145&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047145&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:07 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=9SNAGI1cSO4nD3qNC3%2fukdJe2c8PQiA31mx585YyEtE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01XDr43_17011-6248
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047156&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047156&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047156&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:07 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=PtdoHwQ+NEkGwUIC1gFeOg8kGIaPrIooxab%2fPwUGYow%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01XDr43_17013-17306
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
95.101.10.136200 OK 308 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 308 kB (307653 bytes)
Hash c85014374233a557bb0c3371506bb5a0
aeb987debdb406b79606440a165a027770ee03c7
79c53c9a2acedfe344e6246a510b6c7a687fb868006a15f7afd5886a1b88abf1
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 11:54:07 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=HaX4DY8DLz6vWKfhVpdYTrIw%2fL6+xBkaqij8VMvFvJ%2f5g0FZxbDgq%2fJOHhqXpvSO; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398047713_1600457348_51252996_16138_7889_11_20_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047159&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047159&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047159&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:07 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=fElG7mgFcAk8GZkGFpnM3dKiEhPtPVHQUOvVZGFvPyw%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01XDr43_17111-24386
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047153&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047153&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047153&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:07 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=7h+9Ofb3i9HncXKSsPOOOAwB6z0L2Re30VitCgdCCkfFypt3d2t9NSqRGtPknDXc; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01cnE31_22143-44703
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047162&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047162&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047162&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=SJscZfJ%2fDsZn42Wwb%2fzvDyG4%2fQKIamrPP0Ri+g6SAzM%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6484645f_VM-ARN-01cnE31_22203-59490
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
95.101.10.136200 OK 367 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65439)
Size 367 kB (366646 bytes)
Hash ed876d09f51c9e3bf7a72d9cd0c6ba70
1451ebd78f86e66969ac4dd31d52744cc68fd9a1
09d080b8cbf4892422de75f1a0f2ce43e3c9578cf6179674546782dacc6178f7
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Enf%2fasofXTeFqgvgmH7UigJuesL1y4HAo%2fPXIE47xcM5RBdbUCH7XIqlTRk%2f9D27; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398047700_1600457348_51252990_16055_5512_2_20_-";dur=1
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
95.101.10.203200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ca3wDQV6bzo5bV3qz7y+HA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398048185_1600457415_28156856_219_6638_1_0_-";dur=1
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
95.101.10.203200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=o22ZzmF7MNLWH7iLyHerAw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398048185_1600457415_28156831_710_7075_0_0_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/jsLog
163.171.134.56200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY5%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-aaab0d9c-c717-4e38-a45c-5530841ad1cc' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:214; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1d440115-68f1-452f-8c4d-d29f441203c6; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1d440115-68f1-452f-8c4d-d29f441203c6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=B93A005D99C457004608A7661A590A75; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306100454081877622515; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 11:54:08 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:124; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:124|d:1; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!bdk7fpQ7ZiW1teAMntjHYqEj2JIOPOPcx5g9xPKSbzk+tVAri5LtXcfrCf/dHWjx+kmNDfONW2wwuJw=; path=/; Httponly; Secure
DCID=RvD7A1kp0+98hZgM0dNj6e9TVAUKympS8RsYmpe262nlXBACPHTVAYvPghYTi3sq; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
_abck=2481CBECF2A5D91D219693AF0423EAAD~-1~YAAQTpbvUD6yTZqIAQAA3hcopQoiIiysBBNRq4b4eXb5Q577ebb84FGYrUT4c9VvdO944baJknLlbKTPmbREUlf6oj3eQISP9s5bqbuT4Mlh+jqDlL9i7IKwJ1do2pj1YXHmcC5h1JQJZuGLrsSziPEd14ovEOXgUvvov4xveuZdkRsnuY9nQRDLTt0NJmPlHT6KmqNa6Cm2FkBl1DeN5uyTFhcVoj3Royg57QfSdPgzyFd+J5WuvbS52AE5lPcDR3Xn1Ig6dwBfekdjX3xUwiWAsqmSIaVJ3+OSy0bf4O2lQ1OBrQxgZq4MWv4RZlJw0h/tNIaGCAUl8RTqgKHyDbBwrwSuAbQ1sHI0McJNZRkgyXj4f5vlGjPm6froCPEG~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Max-Age=31536000; Secure
bm_sz=BA3C65D10A47E5EB8ECCD6906CE7B70E~YAAQTpbvUD+yTZqIAQAA3hcopRQ2efXzkyBF6k/Fd+GTrGxoNvlkP9gvO2dQyqYAz+Z+AGHXPfsEnrT8QtRbz7Y+eVRBXJ6yt5O6bECVQ6vlEprFd32zrBxiRNcXXi9NSf+skd/YRA/Tca8y+O7xfEzvLPGP+vYMRhqNLIW+xXovlb6IuqxU/iAWA3bsLcAY+uu4Ityy64J8J15te7TbTYzd+RjnGQKqvFa6FubuUZxf1tRWq45SBgL/d29MRXekZ+z/4MXOXqU4t8RWVDYlNCxesNR2+Mt8tNm5DUgxYb4blllYQewn~3354693~4337988; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:08 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01XDr43:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17053-16331
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
95.101.10.136200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=rcRkVhrhkqOvwwOazLb1MN2od0d%2fh6+IGXgFT6nzB5Y11FtLIKZfoE3NtYQphSoI; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048097_1600457348_51253032_12586_6955_2_0_-";dur=1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=cDIqofeo%2fo4dZmkrl3Dbug%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398048259_1600457364_460642_62_6135_3_0_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047169&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047169&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047169&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=FqE9QC9T5odUWH+mf9TzuRK2gQPDKc1oBxlGhsPDkJ4%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17013-17308
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047164&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047164&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047164&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=5EGbRJu9NSEX6KpinrhKy1kMz9Yh6kLg8JPyP2WVpp5B4nIMt3AHEVFHTTTbj4sN; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17011-6249
connect.secure.wellsfargo.com/AIDO/glu.js
95.101.10.136204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=ImwZc1%2fe1dCiDiSJI2PHroRvhtgdSzwWjhDMQp2l%2fHTP60fLMejCss%2f5NnwIszVt; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048105_1600457348_51252906_17282_6206_9_0_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047172&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047172&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047172&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=aWCnY%2fC5GWGEdE79NTe5jnQVI2oZPH40RhXi3ykhKmY%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17111-24387
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047174&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047174&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047174&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=+jZyZuCddFnUOSgXWh8%2f5VyM40KmQNKWB81XukIAcNY%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01cnE31_22143-44704
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
95.101.10.203200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=c+4iqZCJN1OxW9wsu7GE6A%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398048197_1600457415_28157048_10337_6787_0_0_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047178&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047178&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047178&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=6zcW9JfCFd03H+IkRAgq9SbkkWcgFZU+GnPopd87kB0%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01cnE31_22203-59492
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780%3A0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pv=2&f_cls_s=true
23.36.79.9200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780%3A0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash fc821f127f6650d9bab39951544e4acb
8a2e26aba182ad20bbfdbed4e0d595a6b65df171
a7fd4a384a34bf603a1c531ba376554f4f73c12d635e1d75114033f11be1a052
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780%3A0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!6H8nCx3D6qCk0c554TfMmyz5FQ342Q0TJPVyQv+g3ENHVyfGrvTPxAxZIJWCwHdH11mLDAsOdB52Tro=; path=/; Httponly; Secure
DCID=AVANUAWFTJieqKsE+3piSjFgyiZj8uB8Swg8ldQuud4%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.46883675220367294
95.101.10.136204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.46883675220367294
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/mint.js?dt=login&r=0.46883675220367294 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=GgY0KlRGkZNCr7uRVSO5FEdXcil1TnLrI6o%2fG1ABLsWgIiB0aiK+Q3papf2Uek1g; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048277_1600457348_51253237_13063_6896_3_11_-";dur=1
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.6747130251003823
95.101.10.136204 No Content 0 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.6747130251003823
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /PIDO/pic.js?r=0.6747130251003823 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=3shs5tPQQHMmol%2fAz9FzLab88tSGn4FRJvmyOnm46p4MOpRslPrkquMeRhDF2h0P; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048269_1600457348_51253217_15733_7006_2_0_-";dur=1
c1.wfinterface.com/tracking/ga/ga.js
95.101.10.203200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=QDvY8aAozAIUWnsIPl54IA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398048447_1600457415_28157051_376_6563_7_0_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047180&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047180&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047180&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=T0ewQIBhGEEqCbNRrPOd0TVRBMsDoAPh1Dj4lYhBeIQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17053-16333
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 945 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2363), with no line terminators
Hash a46c39d6d17a5a97e165a6bfb67f6c68
1e5bcc0fa72aab9f84e5ee2ce883d921761cab38
d09e830b710751aee60a7abd2ab58be77363b1472fbb7ece8df4656363a4e7a1
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY5%22%2C%22c%22%3A%22OEVGMXBNRmtWUm83YW9CTA%3D%3DgntvVL7X2vyElJCknatxLWkNtn2-icm3p4Zb1hgRzAGmb6mGaJ7idXJHkxHoyUleAVkiVjsE-MbRPeQq3B8pk9g5q4X8rX9JAaA%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 945
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-b4358a75-f379-4cbc-90a9-c7ea84b86c81' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:214; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:b2d273de-a26d-42c0-b230-52d9c452a748; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:b2d273de-a26d-42c0-b230-52d9c452a748|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:65; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=E64AADC878BC65BC2696AA5BB93309EB; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306100454081719719641; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 11:54:08 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!FDJMl7RBtjtD2qnz2xKqB3cO2dndHtnwTCzBuCe5bKk7Y5PpR5nCdHNQDpkCw1KEItxiPbIyIuiq+BI=; path=/; Httponly; Secure
DCID=QesK88pPayY5q4HXncm0BIWv6wvZX4PNQ%2fwBdMFteEWxhP4HIM4vQ%2fg1fRB6LVIP; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
_abck=1D594EF52C43C575438902B979133A3B~-1~YAAQTpbvUEGyTZqIAQAAFRkopQouzPcLliuIZz3jQfI1sW+bM4UrE3X+215e2XNVCowZr/m4qd3k7vngmJmC/ubfnvUtriqGVCUBSChlP2dLXNAeFvHt5m+58p9bIsNqe6d/gTi8Iwe9SFsreP/7MAHcR+cKRnuVJxBfA5PSaA5Tz/ApCBVEReVzQ2/GtwhDUZ/MhIQp9MV3/osbiQi9V6M2CS5SbYPn+BaG2+ipGH86baI2968mwpxYogm7XxwDUyHnZUT/DEtFVlWLfOjWkP/LDUsTghzOJcuYNvWsoYZEs23zkzsLEEjbcbI6Lk9lvQ14UxMn0VGWos4uCD3xqdYK82yOM/xgjfbK79qUN1yNkdup2CbwPVz/j2iwkG/y~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Max-Age=31536000; Secure
bm_sz=4AA924AD3BF7B05ED34CE5525F307A56~YAAQTpbvUEKyTZqIAQAAFRkopRTVI5vxv9ToLs0PS2IuCkvtuVwJcxREKn3FgkBne+fBtMTFRwnWG7vFjkD1To0xpE90JWeeoqZB69AGqX1SToH7e34KLWeYFpeWU5xpcBK31G3uBFTdkTm2xrnn6w9G3wiUe42ZAelHWhJgXqpndBvLr26YNkMZzbGfglWY7DTklh4/Kcac9VTojHvcF8UszlA4icF7L4AXWDejUqFuv8DpFcUvfC3p39qfN2PCyx8PBTu6rSSanxKgsTsj7AixHoF3q5ROGL8ccaSb3wUv9lPyzmkT~3354693~4337988; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:08 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17011-6251
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 968 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash 6cf9f262d95de8d90febb9b9d27b958b
e246355ecebc5ea3737e4cf551f14468000aa881
ced3ff8b196fc45d5e90fd809180488af4c64a1b6b91efaa6f14e0541c09d73d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY5%22%2C%22c%22%3A%22OEVGMXBNRmtWUm83YW9CTA%3D%3DgntvVL7X2vyElJCknatxLWkNtn2-icm3p4Zb1hgRzAGmb6mGaJ7idXJHkxHoyUleAVkiVjsE-MbRPeQq3B8pk9g5q4X8rX9JAaA%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-4024c73a-aac4-40f4-8d48-9f3348c93446' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:214; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:23be800b-be4a-42ae-a22d-0f258baaf45e; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:23be800b-be4a-42ae-a22d-0f258baaf45e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:26; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=5E79361EF58D37E9DE2967549FD33730; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306100454081594241820; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 11:54:08 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!3+C1Pj0E1zh6sQUGl7IZxfIs0wroUURCvRQA309Y6iX2k/plhwCqGtqu6MzsUS2NYHIRJyBmnKNHMJk=; path=/; Httponly; Secure
DCID=Vh7Ra8+aSOBj71sj9pxj%2fHbt8g%2fAw8Sflpx2IMQLaoQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
_abck=56C9295F1C947E77ADE126AB23A92682~-1~YAAQVZbvUEbB2J2IAQAAMRkopQonJL7SPrTFtLx+yhZAeesBnssB8z2/Fi8UdmZ7j3g29K97iZzkaMUcRA21j10JlD7G9Rga+ryfxJphXJE3ikiogVjtIsAFBR9FSAIlp3f6utekoHlnAxcvXkT3r4kHcO5wqnbjWryE1xzjIQWjoqU5pNN4BBC6Xvyr1glQRSAuqEF6M3sthBy0uiQ5C9knUeod+DcTRH7kKdUuL+rWSY9Cz9X+vRWTrlGPQk7G1zB8/aSuOjBocGxttFFnOIfRwgWRH77rlz0gBwikXS63ByT7kgN7HbqcVXhc3enp8zckq966ONE2ZQfx0t938A8abg9sqD7Lbi8QIbowJ2GulMyIDZZNEHtYQUDJFE7N~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Max-Age=31536000; Secure
bm_sz=0CDF7B7BD3B1A470FD8AE4305947CD7D~YAAQVZbvUEfB2J2IAQAAMRkopRRR6r5cRhy7O/WbIdau2lmOJWC+Q3yFQZCZzVO14ZzRF/MU8CRRd9WyCq7suWu/uQ0APLO1WHy9xX98zIoItzelC+5PcMtAN71HhWaK0g7C7fmTD696uo28th6YZRq7u9Y6r9kCtdWWIS+0ryyrEiu3uKMJWKC4+iwH1CsOWLOxzDqTQrAPk+AAyd4dIqNtw5VsISOGsKOrmPH1Y1hpwKsIkhH1pKaBGvcrOdmXKT5UpZjiu9N3bQXY0iera46m9LrSBx3/pdgY9rJjQNDNyrWYjAjk~3354693~4337988; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:08 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048292_1357878869_140382330_25675_7618_1_-_-";dur=1
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17111-24390
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047185&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.134.56200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047185&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--8d49329d48d6c.wsipv6.com%2F&cb=1686398047185&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 09 Jun 2023 11:54:08 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=AsfH5xLpWYhBShJU12jAK8AR16y4MKzb9z%2fwwF%2fzxy823wuisqonnLMyvX+BG21k; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01cnE31:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01XDr43_17013-17310
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash 4d53d4fda0b4d4c1973acdd4d98a44a9
fdfc2fb4d5aae44574a72dbb509b6b0b978ecaf1
f5af4d0c992467b48082b099abd967e140f8a4c225b0c71ca7c82eb576f95c97
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 264
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY5%22%2C%22c%22%3A%22OEVGMXBNRmtWUm83YW9CTA%3D%3DgntvVL7X2vyElJCknatxLWkNtn2-icm3p4Zb1hgRzAGmb6mGaJ7idXJHkxHoyUleAVkiVjsE-MbRPeQq3B8pk9g5q4X8rX9JAaA%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-d910fd12-8f58-4b32-a1a6-1ba55562989d' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:214; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:c856fc29-3c41-40a6-bae3-a7556e82e826; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:c856fc29-3c41-40a6-bae3-a7556e82e826|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:66; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=832296BEBEE2D1EEDA948A740EA85F2D; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306100454082051349860; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 11:54:08 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!Uq3E1n8PSlARw4IMntjHYqEj2JIOPHF4QeWZTz2zZPeInjtodN1eg/dfUMSG1L1xZjz4xHWRJlTy6Yw=; path=/; Httponly; Secure
DCID=TxtcgNTsK8XSkWqYa22hGeh9YkMEPLfh+MC7KSatrWYSQlapAeQVaxN+fElsDeLP; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
_abck=CA4FAAEAB187664A79304D9984FA9D08~-1~YAAQVZbvUEvB2J2IAQAAWhkopQpom/QvIkkrAj+KD7wzcmJUNhvODCUaMaDwfqTHAU1xIZd4xGuZcVELFS+p4x2UBIP9fo+r9PYpouXhgypJDwb80xXIkP2V9nFcbKbhvhST1I30v0vP/lJa45vOLZ4E5InBY3oawSgDZXE5UweoXuoYwafoyDVMgJwIIQMhwWRjk8wsEp7IWB1EZ6DBhNXx8yuFv8gyKbHycW+NrW+H+31zOSOTDRf9kRP3cDsXBrmH+PePmSrf0o5HPJhKSTyHtvPoNx4MUctC9dxr1LStfvhHfni4XFtf95mJMuxiUJMIiANJhETuvWw/0ecVCrjicgjvVb/K6hT+SW2yPYo5znxU/a38oc9z/nVZ+kLq~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Max-Age=31536000; Secure
bm_sz=DC3F383ABC97E6E35782AC54FE4AA057~YAAQVZbvUEzB2J2IAQAAWhkopRQciTvyFPnr2g9p5Sjt6uF0/ImYvoFlEhmYOWCe5KKD1Iy7AnqjMpCZkPyIk3N0BzK0jiluw4hzzBrBH7fDD03e6TFrQ/elbRY4yJPcBPU8ML+7Krtc+CgFIqAPG8Fk5s3rXGVpKJOo1h8D/ouCl4tMOcfMl31z2LOhtlIP5VMHYUGq43XiWHcQXHJ1CmdHYk7WlKEj5X6U4WoJjAqrL2ZGLkRAp0aRsintY/zcs4TeC6YUGx/B6mOGxUgLlmkgYVzjEMBrGDI2t14kE0sm3+x39+X2~3354693~4337988; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:08 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048296_1357878869_140382337_29560_7308_1_-_-";dur=1
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01cnE31_22143-44707
c1.wfinterface.com/tracking/ga/ec.js
95.101.10.203200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Cq+Doz+NuNQ3qNcYD%2fkuFw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398048624_1600457415_28157092_216_6789_6_0_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.134.56200 OK 968 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2435), with no line terminators
Hash 16e352af4ebbe86d3fba82e8a1e34953
42dedc1851519d807fac5b281851a5734f54707e
66c7462a1dfbdd52251d00140770167804a3694a12b0d094473020af59c4f812
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:214; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY5%22%2C%22c%22%3A%22OEVGMXBNRmtWUm83YW9CTA%3D%3DgntvVL7X2vyElJCknatxLWkNtn2-icm3p4Zb1hgRzAGmb6mGaJ7idXJHkxHoyUleAVkiVjsE-MbRPeQq3B8pk9g5q4X8rX9JAaA%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:08 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nuance.com; script-src 'nonce-b6dd2073-721a-4917-a2e7-fc04eae69f9d' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:633ed5d2-a707-4c4f-8183-7a6575556b8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:214; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:17e484bd-e1ca-49f6-81bb-73546077d666; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:17e484bd-e1ca-49f6-81bb-73546077d666|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:64; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=98259B98CC220E205ED761C5C023F3D5; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230610045408368519277; domain=.wellsfargo.com; path=/; expires=7 Jun 2033 11:54:08 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!y9IjmWFabIKPpLXz2xKqB3cO2dndHraAemRPaiG4VcH2389uuZJS5/Ttgqxejpkd6lfyDaIBqdzSzuc=; path=/; Httponly; Secure
DCID=xdrY7Oc+ISwI2WKKZF6LBhsXavSHvn7z8AkyHjLqLy+arZQw3e0QQLzcfJV%2fxqtd; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
_abck=73D6FF392EBA412EF4B2A4247CDF5055~-1~YAAQTpbvUEOyTZqIAQAAgBkopQrSD6jnVW6x2bgmOX9KzSxOdzCoFUF24s9ozltii5XWYskEvP2RW2Bp7GJsygIFUJOUDtEnhGZwjnUZSywl/IVBOiYFsaJlu3Q1hluKxMq1VekV57ig0SaRPuVYkHak5qoo+XBGDs1o0KzvrOnaUflC+RFSskbVwELfh465rohLLwm+43aFLBlUAVT0XzPKlzSubPpAU9hv56h4fjRQfWXjUqU+Cyv/fWLEdKEN1tDDl+8d2ToYMvusGlp7+0J4G6ssKhW6zHgBLmMcazUxeIQNjcETsxR0J9++pRPYiRKRnB6ZZNT/Dh3CBUsLpDHOrm/OxfvEgT5Gzgz6iNSaeo/ZNZMydD1yIPNyzz9E~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Max-Age=31536000; Secure
bm_sz=C3E36E50FC32AEF2E893EB84C5720FD6~YAAQTpbvUESyTZqIAQAAgBkopRR38BqDXkkH9t6J6Mkw5aRLqw2t1z9+eE2ehB1nQes44xZQ2upd9mzDSKteCeZHRHP8jdH0A5VpzIVU88MzBcz+MjNWfSZkSo4wkqRfG5L6I15R6T1QqbP88Eh4ys7p6QirKUAbHu3A2fB0GGZxopVKNICQAKyHVz8HZ476z4ZeMFoA1CboCLs02b/KJnq6uG3tiV/Ku1CdyEWlmWJb8nA6yZ28xE2JJELo4f+/6bJBcoBGzqZBwh6KrNzd+A3VlxS3RWApOqODp3bcMSagd+/c89bo~3354693~4337988; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:08 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-ARN-01cnE31:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846460_VM-ARN-01cnE31_22203-59493
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
95.101.10.203200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=IAj90zMwwPSzN0zN09dsXQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
Server-Timing: ak_p; desc="1686398048613_1600457415_28157151_11112_6826_1_0_-";dur=1
ort.wellsfargo.com/securereporting/reporting/v1/csp
95.101.10.185 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 95.101.10.185:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3358
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 1f1efb61-28e5-42d5-439a-359121d881f8
X-Xss-Protection: 1; mode=block
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:3e8ece41-56fe-47e6-9187-d54973846cf1; Max-Age=30; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:3e8ece41-56fe-47e6-9187-d54973846cf1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:5; Max-Age=30; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:5|d:5; Max-Age=30; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
DCID=oIfVMB7zdmJV9ZURrJtq0RS%2fR45dT0z1zJjFkdIXjUo%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
_abck=21A6428464652A011C56AB60615A9CCA~-1~YAAQtQplX7JBD6GIAQAAQxoopQqHG4ty5VW10FbXRHokoTD9MQ5PPOyOmHgPaHEVONgxx7PuEQKC8ugQ+3/gMJrTnx+z9JuaY4ICzU+lPmYhoFpOAfL8V9sCHFm016deW30tOMRu6G+Iodh1FPkwRWd/vd9IWRbDephiId4Z4EJ4RhhtWcnulNlcBLiBY32HpjnD4/lSXhzeSNh2LGTe32VeRjSPoXr/+Iuik9pUUNnWVGzfKCiz+XZw3agdddjA9/wR41MP1AeyOWwYmzgOlRuOc5Yv78/XWcOAZyfJyhSIMLyNrRxUWEsQ/I3JuYs84WX4dhd9mWSCG1G/xULRx+sElwVBN1lwq0Z6qawyPAwPYPyPRHX3wWlGcrAT0WfL~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Max-Age=31536000; Secure
bm_sz=013A4A87440CD85B597794AA75568E88~YAAQtQplX7NBD6GIAQAAQxoopRTENwOnZVoCOlPgQhngxNgkETwCNPkQDKrOEyMQ8vgKGu2aZ07jxiZczs+qATrSjKcYocY2GXBILi+QZ5jb3H5mNVU1ajiz0hiyzbZFFH2WYXEGORCbWFIkrq6KCJ3lClXlS/SoTbhLEiJiR7G4trUylYPgxaoHL+IpEBRqDpfzWwh4O9zjw9VYvXQSxYYnJUlfaPXpjicblFSVClQm5Z5i/nGRphfj0r+QNGMKfQiCoaBNzX7rrjmZFv9tD6cybeWHVa2qKysBjsxaKqVpNVU/PNGr~3683650~4604725; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:08 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048669_1600457397_24669512_15467_4867_2_6_-";dur=1
connect.secure.wellsfargo.com/jenny/nd
95.101.10.136200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash e2c801cf08232d53fa2b5320fc7ec542
b3da223dd2fedbb7e7df5cc91951ceca47319c25
4a4664b6f6c0221585e87f03c9b7c2577012c9b06ce1613484df12eeb49c4a6f
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 18151
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:b844be82-e02f-40f5-bb5b-3dfc850d8938; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:b844be82-e02f-40f5-bb5b-3dfc850d8938|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sat, 10 Jun 2023 11:54:38 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=oqW7zvITpk6rxbDTvMSfRcg6b8bgXaIjRrStriD6hkEtI8e0j9L4v24LojooN3zw; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
_abck=D995006E5C2D3D096858262C2541B507~-1~YAAQhAplX/Ywpp6IAQAAcRoopQqmWE0usoIKA+czesTnS5wQ3Pw8FKf9ULDuf4XXPlzt1qucUrCSrCbi3RE153dFOcNTGpBPAuNuxsdGWrH1fXMtKwARM6zaEmtICBw3RhqCZF6KYOqNavfoftBRAGaAnV8250JpDIlOoJIKldaePGfNctB5Az/+VtmkZaRZeUn80IHIyXsd8ravFTm9/1q33doAto7krEB5gBczWRPFAd1mkCFF9CJaFbQin5TqVWrr/BmHnnlP5U/ec5YzQfKL7XT+TZ2+eXJwDHJpGYaJxahe9eas8SykGCE36LRgNaCyc0Bsl0cMq5CikVcsRblvBfS806xLjsM6UjN3crzxyOKPtqVln0UaDI7g0JmV~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:08 GMT; Max-Age=31536000; Secure
bm_sz=5C6131630E6C9A4DB77358E540CE8569~YAAQhAplX/cwpp6IAQAAcRoopRR3JGeNSh39u4dC3aAtKEGAFGChnxyYX+2xzZyIQ8TKSF1CrZnkhz9AUUMIkvYteZtsGlpMifluKNiovvcQGDVlZZFl8NmfSsiJ5jpNllXyHrS5StvSpgxgNOrMUQ4gtoJv64NpPdw7onTL7hjdYQxpm9FS841fvZLtBADpBl3YBxip58HEIdSw9qLXkRAVzQKz7/EF1gYVG1mtkBZ4cz5DAjmHnXrMpV+dp9aFRGgKQ6qOrNmnP7XPNqYF927I21Ci6POGFhSXJ7MtpE6b37xd25/Y~4404035~4469826; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:08 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398048709_1600457348_51253293_16374_7284_7_0_-";dur=1
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.134.56200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9ef615788b2cb86682acdad520382646
825879d5a0c1a90927b04d92f87d12e3bf2743fa
a34fead3e29ea8593b0b2cd4e48a5ff8f25e6efcedb8a1a4f001fb610090104a
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2048
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY5%22%2C%22c%22%3A%22OEVGMXBNRmtWUm83YW9CTA%3D%3DgntvVL7X2vyElJCknatxLWkNtn2-icm3p4Zb1hgRzAGmb6mGaJ7idXJHkxHoyUleAVkiVjsE-MbRPeQq3B8pk9g5q4X8rX9JAaA%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0; ISD_WCM_COOKIE=!y9IjmWFabIKPpLXz2xKqB3cO2dndHraAemRPaiG4VcH2389uuZJS5/Ttgqxejpkd6lfyDaIBqdzSzuc=; _gcl_au=1.1.1036032542.1686398048; _ga=GA1.2.1138858334.1686398048; _gid=GA1.2.503330384.1686398048; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:17e484bd-e1ca-49f6-81bb-73546077d666|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:64; ndsid=ndsa8shjus6pu8mlipxuu39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=C8fGLpTJLIdsuOxCiklKnSQ+fc2t8dkN5%2fPiee96K8fPUFq2kqW0ptpAV5BcWOH8; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:09 GMT;Httponly; Secure
_abck=9BDD4D49EE62FF302CDBCE7CF89F7FA8~-1~YAAQTpbvUEqyTZqIAQAAsx4opQosLFTu5GNVel9oZOuJD2V2NqL3Vxr6iowVjzIm33Pv5sgD2AOhAfmU/xgB+B9Y9ty+UKnPLXXocqbicEZOFwAfDaLHDywohbe8hRLjTh9L4l2Gj6wTOqQjiFKYfnftPYWEg5m2YjrEe6wYAL/4PZ1t7XAZWRkDy/72YZpr0nEhn/YzCeEi1LnhbwIhvVUShXzr6Vn1Q8O6/DxvS/Xo35tZ9nVaeNdK17IFvBVLrG2u/FHAz5PpXgdeWQA2jtkl2LzqJlSDYp28QruGJ3R9wEwJLWHhskNdvM9SE48Xo3FevuhbOBKzcnK4+x+1yOEubBfN5UOJYNVkwVTsqDr4avNQ9wILwa/belTQ4vc9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:09 GMT; Max-Age=31536000; Secure
bm_sz=1E09E03602C0B403B4779CA93E437C0C~YAAQTpbvUEuyTZqIAQAAsx4opRRgu73rQAkXF4kuopbOEv49+PjS2evyYJDiQZwwR0IjNFeGwr69pxVBCLsOP6dGAl0rnNqqcJbmiWDgbFM5miAUT1Vm75NM1WwzjfQj8gBxKlpHFRzUikHEmvfzHBHpryKI2AxjJsFpGd6rdKS9+iAgzPAYIGPPtwQ6Fw9Lq3kFbsrGJQSf1cvx51zkT3b+ZNPsJrjZ01GkXrjs7/4+qsHwclil4ntQ4QH5GoR9TXwjNWsYLaD6HYbKpOus59tlhsOo/vjBc0FkdkgFga2uoLpuhTPQ~3682371~4342321; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:09 GMT; Max-Age=14400
X-Via: 1.1 VM-ARN-01XDr43:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846461_VM-ARN-01cnE31_22203-59513
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.134.56200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 51e822a405e28db3e2b21001c4639369
2cb88b747117058c2b0bdaf4eb66240f3919cfa6
4cc8499ed82d529d3a0b7460dbe3c69eeb9bc790a2429214ba9c6a664c43faf1
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY5%22%2C%22c%22%3A%22OEVGMXBNRmtWUm83YW9CTA%3D%3DgntvVL7X2vyElJCknatxLWkNtn2-icm3p4Zb1hgRzAGmb6mGaJ7idXJHkxHoyUleAVkiVjsE-MbRPeQq3B8pk9g5q4X8rX9JAaA%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AWFkhGQAAAAAl6WIsBPT62gR%2FXE72ZpB%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0; ISD_WCM_COOKIE=!y9IjmWFabIKPpLXz2xKqB3cO2dndHraAemRPaiG4VcH2389uuZJS5/Ttgqxejpkd6lfyDaIBqdzSzuc=; _gcl_au=1.1.1036032542.1686398048; _ga=GA1.2.1138858334.1686398048; _gid=GA1.2.503330384.1686398048; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:17e484bd-e1ca-49f6-81bb-73546077d666|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:64; ndsid=ndsa8shjus6pu8mlipxuu39; _imp_di_pc_=AWFkhGQAAAAAl6WIsBPT62gR%2FXE72ZpB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:10 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xsqW8pFPu6CKna1MR+akdhuLnUm9hoOv8oJ3UaqQRGI%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:10 GMT;Httponly; Secure
_abck=8265EE63F2BBA76E1AC0323E44C2A5BF~-1~YAAQVZbvUKvB2J2IAQAADiEopQqSh+vn3uzMezEJv4DGUan6VNmA4a0IqzwbKA1yo1fW+ExuJrO7pRfeJtZE95rQojjLDdicItyiWQrBpHSlFZmTX1ZwGlc/82H0bO6UU6l5u/QLmZw8gxQrGpPiZV/Kh/5n264ok+4eg7MdvMXRwWChZASAMVM3P8no+VLhOS4FG4guVGDCEiL2c6nbqBpS/sQ/qctlVUH6GiiJSZ69trH1/bbcWG6KLH4o9oVQwdsAE3KLGik1gM0KATqfM6M7wEUlXutgwQBRItqt0DsViWci0zMDmLs0BQ68bsY80JVxlwE+yAq/2lVspYQMVqmDHJTQakDbXlZx/a0CwuL5iW7/jDkf5AhUpQb8O/EZ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:10 GMT; Max-Age=31536000; Secure
bm_sz=1A5BE601E9DAA1AA972952EF0B222D13~YAAQVZbvUKzB2J2IAQAADiEopRR24CqaQN9TgnrL3doL3dLbYmuZ8Ns9PZ3VjyXp/HB3haCnf+IqnLlp6YOD8WxhL9SV7R7fhh2XynxuqWk5c0j8XQdy9djQ+VDRAM3b1ZkHd5Do43iq0HnmGyswxYygS7nktC7PfGSwFfv+H6HuyzNim00Afx8Jt+R3FwCe9GrC/3Afqsw68s1ses4KzJAg9dg5ZvEhe4SkR1uZ+HvOVmiA0g3bVBEjO1xcWi5HYWa7OuHR9VkJO8WywWtw3of+ziDAejR2iGM3ki7DMpAHeFv6XjJ0~3225648~3360307; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:10 GMT; Max-Age=14400
Server-Timing: ak_p; desc="1686398050307_1357878869_140385184_25752_6768_0_-_-";dur=1
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846462_VM-ARN-01cnE31_22203-59519
www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.134.56200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--8d49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.134.56:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--8d49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!kBth/XjXwY123UMv/BdPMOHVwv+ySbxdmepAZN7wdN/s77ftOB9Ilu1+mmpXzUpADGjJfTXPL3FHRP4=; utag_main=v_id:0188a5280e7200140c165952861e05046003700900918$_sn:1$_se:2$_ss:0$_st:1686399847089$ses_id:1686398045811%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUYbLdFqCzF8CmqhAS2h8dbP4nJ3n%2BqwjUK8Dqut9k%3D%22%2C%22_s%22%3A%22RhtZdPY57CrPfm7LuBIHmX7%2B%22%2C%22c%22%3A%22OEVGMXBNRmtWUm83YW9CTA%3D%3DgntvVL7X2vyElJCknatxLWkNtn2-icm3p4Zb1hgRzAGmb6mGaJ7idXJHkxHoyUleAVkiVjsE-MbRPeQq3B8pk9g5q4X8rX9JAaA%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AWFkhGQAAAAAl6WIsBPT62gR%2FXE72ZpB%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22GkgafGaftR91P9e1L5KOfw%3D%3DpInpr5CNOnF7oPNawpRyUfDUO3X5BKb2L7o8sa5BczIa173Y7FZkyE-NCmG31mEDT9DXU2Xa_aQgNPZsUV6TOoT99VY5JVDdHW0tKeeYazRG9mV1AoKM6bYqvEkiJxVnHByyxXBtzf_3Qrdp-Ny096vv1v_B08ytN1_6UPGaDNQ1P5pvP0PoQQ%3D%3D%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAfGS7RSh0XkH800%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43437631844728840649160146070330870424%7CMCOPTOUT-1686405247s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0; ISD_WCM_COOKIE=!y9IjmWFabIKPpLXz2xKqB3cO2dndHraAemRPaiG4VcH2389uuZJS5/Ttgqxejpkd6lfyDaIBqdzSzuc=; _gcl_au=1.1.1036032542.1686398048; _ga=GA1.2.1138858334.1686398048; _gid=GA1.2.503330384.1686398048; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:17e484bd-e1ca-49f6-81bb-73546077d666|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:64; ndsid=ndsa8shjus6pu8mlipxuu39; _imp_di_pc_=AWFkhGQAAAAAl6WIsBPT62gR%2FXE72ZpB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 11:54:17 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ynEm88eNwSV5ps%2ff1jr4wuHA6fx6zXHRiQZXrOguPvgn98E4WlGS6xZndhRxWDnF; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:17 GMT;Httponly; Secure
_abck=956F6788DF5187D4A2BE499EE403C7AB~-1~YAAQVZbvUHrD2J2IAQAAZjwopQqkHNYd3Y4XQUExM+P/jzuqr2gh3Ss8GwXUp4iiIKr6ToZ9tRNghlRhqA8Kx7FlOa8tXXG3U1LqMg+PBm4jsGwiJaIuCvFhd+sCc6W/MviaDWcDjWLZWljke3ZUqi0J++WZFIleoXMlEMjWHhpE8xXEwBJQsK1zxEGrNuVIX03wwZ4TGCIqCu0gbG7EONH6h1lVgNYipF9t0VGfB+CqdBX3XSATIAncWQ3bms4ZS/F8G7w3AqV6RuaFC5Z3oJ4bNq9z3j6u8lkVAFC2VaDbLBl/GDz29/QDDw7JLzYmETUIKbjCUVknefXGxxrMYfiyLNRTblhTUxdLEfTPwMLa46XoaP5umQL/IqVJ8VvD~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 09 Jun 2024 11:54:17 GMT; Max-Age=31536000; Secure
bm_sz=2105233556FAADE44E54635FBCCDE733~YAAQVZbvUHvD2J2IAQAAZjwopRSUV90rILeQtvDoR2vBFH5brkzdAPaupot4E98Gszx1cdAmvVKGd8glWiBELxjFoCqYQArDMjKYtrx0/lToi6jrd9KP/T8S2Jqxi8J79KGdXd5m1ALWaYnRDBb36VciIoqgLIR6xXGvQmUxSH9AfnxjiMr1DHj8rfPX1IyXrNGE/F78zJ4f7EAZl3pLNUgLfb0pojaj/X9kzlvfdRyC0VFgK9kxVylnEG6R432LWikVy57hkC11G0L+Wn75pg2QmzlIFzS8wQ3IRoeYVr3hq/vqO0oh~3752246~4404790; Domain=.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 15:54:17 GMT; Max-Age=14400
Server-Timing: ak_p; desc="1686398057324_1357878869_140385577_24259_6081_0_-_-";dur=1
X-Via: 1.1 VM-ARN-01cnE31:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64846469_VM-ARN-01cnE31_22203-59591
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=1&cfg&pv=2&aid=
23.36.79.9200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash fc821f127f6650d9bab39951544e4acb
8a2e26aba182ad20bbfdbed4e0d595a6b65df171
a7fd4a384a34bf603a1c531ba376554f4f73c12d635e1d75114033f11be1a052
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2801
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 11:54:18 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!tjva4VvQ7TXktkF54TfMmyz5FQ342QM1pSxuj1LO/eW18gTUoL9pgcOJUsG+FUEoCphs5OLsgCGHyaM=; path=/; Httponly; Secure
DCID=51NS1EAt00SBQJdVq3T4PSc2mMNAjQsPt7BOIlsGEmM%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:18 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
44.241.141.193200 OK 1.2 kB URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 44.241.141.193:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 5064dd22b550bb87903f1939ea15367d
9b3f11f1365002e9e8fe9935fdc8faf2aa5ba27d
7e1b487fb385ac5a862a7b6ad4a548ab8a0edd023768901770c1871536aa1bb4
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 11:54:09 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.9200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c30af6b6fbd1ad24a7b1f2baff9178e4
18217feeb65df1f7880dc7fa12b2710b39cd1676
b81795a93f3cafdac81192d9ee04cfe4cee4060a54b7fd7c63037443ba36a197
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 31543
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 11:54:19 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!WOfMHnTFXxc9JWzpnNE5eVRfS7HzY/L1TA+MgUn8yyLRyWlPTVSww6XYoDvm22po5Ve6lDmgx52qCA==; path=/; Httponly; Secure
DCID=ZXO2WFY1dUMiMigLuVlI+fKq9Gsup8gy%2f%2fLu12u2xxRt32sVLzRex3%2fLkm0dmhFK; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:18 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=2&cfg&pv=2&aid=
23.36.79.9200 OK 4.6 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=2&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (5155), with no line terminators
Hash 96f80b830a4d8a0dcab51344cb204c03
0c14b60b21256042281dd7046eae8346b7ca4416
418a76274da2b338e1d2049acee244212f34918b294287a16586ad5a210baae5
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0&_cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246&pid=1c4e59f9-6402-40f2-88db-f5c500d5db49&sn=2&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34507
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=2ba7c62c-f622-42d1-858c-86a44ccba780:0; _cls_v=bb26bc45-30e6-4bd9-b7a3-fa95e8008246
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 10 Jun 2023 11:54:19 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!klTuIZsql0L01koq/D2JHXmrrcNtC+WG4h+agbdJrderQ9H7T3D6YgfaaApWgVaZHvNLt690qDGJtw==; path=/; Httponly; Secure
DCID=tbq39el%2fxAAC+z9z6oos1MFrccsE7oJqUEh9kCHCOmsQo+29hcfNGJgfbKvzT3g%2f; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:18 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
44.241.141.193200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 44.241.141.193:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 11:54:09 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.241.141.193200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.241.141.193:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 1535
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 11:54:15 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:7675fa94-04d3-4fd7-98a3-35942987edce; Path=/; Expires=Sat, 10-Jun-2023 11:54:45 GMT; Max-Age=30
ADRUM_BTa=R:55|g:7675fa94-04d3-4fd7-98a3-35942987edce|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 10-Jun-2023 11:54:45 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 10-Jun-2023 11:54:45 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 10-Jun-2023 11:54:45 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:10; Path=/; Expires=Sat, 10-Jun-2023 11:54:45 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
95.101.10.136200 OK 871 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 871 kB (871431 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 10 Jun 2023 11:54:08 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=vaVdkhZg54YfT94S4VWnT7rqSN69QvlWiKwAGbXXiFR4yqcI6JZmNxYgyydK%2fByP; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 10 Jun 2023 12:09:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1686398047722_1600457348_51253005_36648_8026_3_16_-";dur=1
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.241.141.193200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.241.141.193:443
Requested by https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11962
Origin: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--8d49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 11:54:09 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:c9bc1779-da43-4f03-8b2d-e0c1c75eae39; Path=/; Expires=Sat, 10-Jun-2023 11:54:39 GMT; Max-Age=30
ADRUM_BTa=R:55|g:c9bc1779-da43-4f03-8b2d-e0c1c75eae39|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 10-Jun-2023 11:54:39 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 10-Jun-2023 11:54:39 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 10-Jun-2023 11:54:39 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:10; Path=/; Expires=Sat, 10-Jun-2023 11:54:39 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2