ocsp.dcocsp.cn/
47.246.44.226 471 B IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9c388f256787fe671b209b4549c25609
bce708db1ad56ad352ef1c726fbdc4164741f7e0
eb1329b189207ae0f74aa1fa2710665c98b0c0245a3156046eeb39db51bda913
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Jun 2023 22:57:29 GMT
Ali-Swift-Global-Savetime: 1685833049
Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache8.se1[22,22,200-0,M], cache8.se1[23,0]
Age: 2460
X-Cache: MISS TCP_REFRESH_MISS dirn:11:437797423
X-Swift-SaveTime: Sat, 03 Jun 2023 23:38:29 GMT
X-Swift-CacheTime: 1140
Timing-Allow-Origin: *
EagleId: 2ff62c9c16858355092688926e
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash 1aee909e8620548be6b7fe2c2619c84b
3acbcd4e2ba3cff57f928f7026cb7e0e688ae396
14f744e76f2d9d7a1c8f57062744696a3348a6e45090d9b925f7f48027f8733c
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:29 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18840
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-32beae86-1ac1-4e6f-800c-c4894b677b9b' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Cnection: close
X-Akamai-Transformed: 9 18777 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f; Expires=Sat, 03 Jun 2023 23:38:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:38:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:38:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sat, 03 Jun 2023 23:38:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:82; Expires=Sat, 03 Jun 2023 23:38:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031638291801421234; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:38:29 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; path=/; Httponly; Secure
DCID=jyTV3FPlBwtJ30yKaZBlJleJsFOy2%2fg%2fFfgzloSMFxwFClw4JrixrDdwyOn9xLky; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:29 GMT;Httponly; Secure
_abck=987D80450AB0CD4870454196EBEAD33A~-1~YAAQlNAXAg+44HaIAQAABnCggwpAp7mX0Ap9RAacfiSvzVko4AW84ri6DtBzOwoBYQWF67PyRGiHJ0vlSsAoijNwa7g0rS3q0Jcl4BrernSDNQh/VrI3oOvkxA9CezWWI5H2Y4vf0jJrbxM59576iy58tkcQgDmcoD1nTOp4/5zJV1QbXAPbltT2wpMy8KzA1r/nqjdQ8Z9D2nRO18WLtgjdpaBlYHOWdM3Vfu2qHEl51mWxj96GNMEHC6FUfYa/Q1s/nARxFpfmQTVzply/qJGpWCmZ1biwgdhSoGQBo4is21PHIACXyyEZlBBN/2JGMIjPOrVQs36PpM3qUNBDmL6ToKy+27wI+J9oQ7XeN2Es02S951SEj8YoDpwOFRzV~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:29 GMT; Max-Age=31536000; Secure
bm_sz=1DDC2ACABE963559EE704139D3F00D3A~YAAQlNAXAhC44HaIAQAABnCggxMUJCFTiCTxfDN8KAsRrZJpFRkfv819zQOEChPK45PC52Jb7MYSi9xAwGVgQYo/fW1M80ULfIOkmYrW/bZgv4mGOBBPbjOYIInsnbuZ2fwOB8XtkYOWFzr0pq7Nm2qO2Bz23Ghdtiqh5oLRLP5h5ouJx91ojJcsT+yQO3GnudAxUZvTw4nuxK6EWyNjS00Sr1EutMsqedrrAJsWAQq55VJvBdu52XdRlydEvbVLnmvlYotewwCLDnv5GE2gAr2TGtNKR0DQ0h3OGAIT/rsPgr3w2xcX~3420225~3359289; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef5_kf175_11727-60157
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 03 Jun 2023 23:38:30 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=78FUWlLNWvEmq6bI8Zvzdg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=1043394
expires: Fri, 16 Jun 2023 01:28:24 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=1043365
expires: Fri, 16 Jun 2023 01:27:55 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=1043554
expires: Fri, 16 Jun 2023 01:31:04 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sat, 03 Jun 2023 23:38:30 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=crT32lB9gYL7wGyZoQKSGQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 38866fe7a3e12fea7bdd12b1df3ddc5f
7051c10e46792de86560769ca4b07b5c9c6cd38d
e9c0c1ea3d06d10122da20e7d3700e3534f7f4d0326f51e96668dc24ffb93597
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4286
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:38:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A15xoIOIAQAAw5nZUCG7ZOM_ZxQTg6tFkPbMrJ4vKuDHeR7TY2ESTBTaiD5uAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|c82a1ad2b932e397e57c89ca58469783ae613780; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=3arAXemu+Xg%2f6tVgnufyn40EF2RXOlRpJqzPrGbmPqz636aUqrxk8dWOtGBaNpTz; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:30 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11727-60168
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:08:30 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11820-51812
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 77 kB URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 3b2227177307401f0ad66f16a01dfd5e
098aee523bc90b9abd2658dc3cad2b8d984c148c
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/javascript
Content-Length: 76583
Connection: keep-alive
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=dX19QHJIbRpGJl%2f1CHRQ%2fw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=BE9D0C08D269EE6A9D34127ECB1B3BFE~-1~YAAQ4KDVF7MDAHmIAQAABnKggwo6S3zmqYSrvMjkL+npwOeXjoWw6SOcra4fLgzAOiqr43kIQfuRvSspbH393qPL8A3SOsCCoDksacGlbMjl6iNnjCz6QJW3jLx3/uCcZu84TeuIJI3OVnUgzOky3XK2VIYEUbbQZ2u1o0K2BmKWbHR36SAVSl+zvJyvuFa5Ulsd+ha4IxQX+Cc7eIVibr0R9VIgpEy5lGMkbPahnEScjqnmqid6t4UxvOewe+iV5ZcMOmNAlmzfER8VYgSFFp6rgoolXmxL8cUVk84QDu8ROCUSCiIMcKOk17Xl9yxBsd7NELCq8J68e6meW4paScH/k5/jH/ciuetijeOXFXOGOElMC1y3YrB3hzKnZzKH~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:30 GMT; Max-Age=31536000; Secure
bm_sz=A92F015725A9D2BC5C4C39BEA33D3CFA~YAAQ4KDVF7QDAHmIAQAABnKggxNRVW6PMB9XCKeoV6mO5SjSNBiarCiDWi1vPrSeU/hYfMt7Lj4GKk3hE42C3ZVBRsn5/wLqNpa6FXZdVShryR2QLW71H0bI3q7gpJ0WTmv84RkNjd4zcOpaGpnEdTBa1MOiEep1m26G0bUsuZKYKawrofkspXynBXR0A5xwdmfKR34ASWkxeL3BGXgqVz1oPISqWShMNe4Ydtc8NQUelNxkES4Hgs2qAegW4XHkJXv//+CJ3QofSCi7Z2MzRKL8mDomrxI69M9GC0ggC+C3yGQyjDXj~3552560~4276528; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:30 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11820-51813
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:08:30 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11979-49871
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:08:30 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11979-49872
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=6325163
expires: Wed, 16 Aug 2023 04:37:53 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13862914
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13862914
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13709741
expires: Thu, 09 Nov 2023 15:54:11 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13862881
expires: Sat, 11 Nov 2023 10:26:31 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.2 kB URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10664), with no line terminators
Hash 850213772453743866b617a506a33c3c
8ea47ac71bddb1b58138ec4776301607ee565007
da5885bed1d1cac81db11a76934ee5d78722242702e88a8d040b3186423bda37
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2201
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-f99934ec-0b91-4da6-be1d-debfa636f712' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:82; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8; Expires=Sat, 03 Jun 2023 23:39:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:39:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:39:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sat, 03 Jun 2023 23:39:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:173; Expires=Sat, 03 Jun 2023 23:39:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031638301856712541; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:38:30 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=89B71AB9DFFFE2FC2C0EE5A4414E63E5; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=B3KRkbwnVqSPgJvgKYhBT1oIKBWjnBDqP24bZUdm83WIjKlowm0qvbBljqjJ3qb1; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:30 GMT;Httponly; Secure
_abck=C291722775B7467769BF62F672D7CADA~-1~YAAQ2qDVFwqH3TmIAQAAC3Sggwo0tpfG2eNxnbWqzoBc6knm1YKPEtlX0RljQSk212YkFB0bSzY5/0HLC8I2NNXmZtrm0+eyKeMOvM9Lf2CDNiixpDyDGbhEkvgr5YCOB+yxWKja/3bjxDFUkezyr6+KEBnmpB8+S1zCtFnehzxz1fegDtI45RZ1nMQjZz/LiDzCy77OTZxGgus6+h6eAhr/smeFidY5ssQugkvheMIcHvGV44Nupn6YbBtFCuGrOGYd2nZ6HDhiUowTF385JcwDcibz0z12UDAB6niKVqKL9JszntTWfV9bjsdyusgVfuza0yFxnAMMauBEofh442J0t0jjIkjPVUDhcfGvsx66ErvHtNL/gHh8is2tG+yW~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:30 GMT; Max-Age=31536000; Secure
bm_sz=9F22950EE4D9A8257EBCF134E2EC48CB~YAAQ2qDVFwuH3TmIAQAAC3SggxOw2WNr5IN2Ks0yM9RT3d5Mb6ix0xEPvpg3mtgkgWuHuGcUG2I6Hn0taL9QGC+c3Xmz4Tx2BdoVEjWhAaGolPQEsEQB/CDoDbCU/7GNOlIClWkq14Ha78L/IOY0iEbxd/hlAvfveIu4JkjS/4dWp8uUiuRK5JFsX/zsQjDiHOKE2uOJTQ0GB2ioxPsuBOpaYHsspfGYnKeIAk55v6GtxYYO/w5KvsF671MxKEd0Y9u0pzAiMnwRZunyujcVraGRhw/vVDufCCNrO2QneDvc42z1YjaO~3552560~4276528; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:30 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11979-49893
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2359
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Mop%2f4zxyOtwr5yiQn6OuZw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=Mop%2f4zxyOtwr5yiQn6OuZw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=1E9CB2764E8829DBD0339E4921A056D2~-1~YAAQ4KDVF8QDAHmIAQAAIHSggwoyXBLn8qlJbMgmyofSfP+7OAki06pB6cHdaW3IZLuacAhYD5okmM1O12DlQL+IyD+Qs4UsJUIlXhfOA0VO16QVTnxBePRWEjW7Xy7Vr4ppN+6/1OoQ00VDou4RpMWW/DVrXW7GYOA3p0UxSpoyWSyqkt8zlGamjweRuKL8h3VaUDDvT9A0oZ0B2gPm9ihTfnTvBs2UKNG1u3skD3G0Ho0ZuohEEAuiwpstooVRk/7s3XhK6e4/LJ8Y1JUzqAQdZVXSZT2SQ3Nmu23XARfD/YeVuivBcBhQldPiAW/QUURlElzEmVwqqldLnW6mPNAQ4Qqf22KQsCVqFHSrg4DCOBaS9W/ANYbzsd7YCdmk~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:30 GMT; Max-Age=31536000; Secure
bm_sz=B9094CE635BD64284751C183F1412E4B~YAAQ4KDVF8UDAHmIAQAAIHSggxN3H5PHeNti1NY3dwx0TjuHJ29HUoJqnSDEzf4IHPN/Qn7/SFdNIpTtmzYbsdxgnj5hh2HL4zA3+urgt/mJnSACZnO9avG5GmewincdQHfJrsHdTiZV5PWJSRsZl9anwbPyeSS0ihoy0J3np0pJ6gT79ET2EzIeStzZT2c6AywHgw8FgroPIxSccxdboOQDU1o4iznEbF4OhxwdlhrDyx+l4W446VQxlzIrfMH/HLfvKVuZE6fd952Cw5O4k6NdB8DHI7dRAj4wnZkL9yzejjuiRlRl~3552560~4276528; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:30 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11979-49899
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMComIOIAQAAB-SjvfAgADng99sw2aBzIxlo_Z4Q3W7sLBPU5MF2E5Cqf7pf&X-G2Q3kxs3--z=q
163.171.132.220200 OK 151 kB URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMComIOIAQAAB-SjvfAgADng99sw2aBzIxlo_Z4Q3W7sLBPU5MF2E5Cqf7pf&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150569 bytes)
Hash db55b68471a50ac9dff628e9711240ea
208f8941938494d757079b309b92c1c6ebbb0dbe
c56a0f53707eceb900aef3579a29c59e89c730cd4b632d96179162666f438023
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AMComIOIAQAAB-SjvfAgADng99sw2aBzIxlo_Z4Q3W7sLBPU5MF2E5Cqf7pf&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:38:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A85yoIOIAQAA_zQWqSVyUHhgSxN4LiFHz1RfSgaUJBDeQf7BPuWMqCGbwcVcAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|1b3fc094adf201c55dd7b9cf02558dddd25aeb69; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=VtsZYH3tEXkIFVVhdlwa6SMdFNYD+%2f0vA%2f%2fmX1WMhwg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:30 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11820-51829
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
104.110.27.78200 OK 1.6 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash f4ea54d2de3587734104a7fe6ac34593
abb69048123b667ad90dcba04da4f08a4a4aeeb7
e802f40411f32bc8331100de87c647c70071bbd2e29a44befcd52e48c6020205
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63f63d12-aabe"
last-modified: Thu, 20 Apr 2023 01:43:32 GMT
server: Akamai Image Manager
content-length: 1646
content-type: image/avif
cache-control: private, no-transform, max-age=1044367
expires: Fri, 16 Jun 2023 01:44:37 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5fb4a721-bcf8-4e44-be7c-2c8450641c4f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:82; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:30 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:38:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=3DqlGAUCX1TM4CtHdGPIITtfSnhsSpfDKmDeQ3tncwtC3+jFdIASNqV1Q5mIzO8S; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:30 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef6_kf175_11820-51830
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
104.110.27.78200 OK 27 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 45a212ca9acc61f0bb2570fad9b1ef6d
0766da6abe3d736412ceba81a699a55110feb6b5
99dade4264e8d662c215bf128f8911bf7e53123d661d9783c0a4260970fd51fb
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505838-e489"
last-modified: Thu, 20 Apr 2023 01:30:25 GMT
server: Akamai Image Manager
content-length: 26587
content-type: image/avif
cache-control: private, no-transform, max-age=1043433
expires: Fri, 16 Jun 2023 01:29:03 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg
104.110.27.78200 OK 18 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4d74f6d202bf00523871f6380d9da158
511af47b1ce2a77f5c27cf3addfd80f289bb76ba
8932b18f9d89396f9292d507904d01306b97c8ae75165c93005b04aa7d9853ce
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "635162e8-d177"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 18075
content-type: image/avif
cache-control: private, no-transform, max-age=1043578
expires: Fri, 16 Jun 2023 01:31:28 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
104.110.27.78200 OK 562 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2bcde1c3190b4af34b91259d18dcc641
3e6b6735a8876b4a326648142fab032a8bc57999
de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4d-769"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=1043416
expires: Fri, 16 Jun 2023 01:28:46 GMT
date: Sat, 03 Jun 2023 23:38:30 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=1043457
expires: Fri, 16 Jun 2023 01:29:28 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
104.110.27.78200 OK 44 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 9534a04615e76afcd0a4dda5cdf8dd7e
516d3a11907386abf70170a54409523592c068aa
d7579baa6c30dad3cc501d73364183349ac085fcfea7c2af16aaa11532bc5907
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505837-def7"
last-modified: Thu, 20 Apr 2023 01:40:39 GMT
server: Akamai Image Manager
content-length: 43802
content-type: image/avif
cache-control: private, no-transform, max-age=1044155
expires: Fri, 16 Jun 2023 01:41:06 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=1001804
expires: Thu, 15 Jun 2023 13:55:15 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/autograph_20k_hplp_1600x700.jpg
104.110.27.78200 OK 6.8 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/autograph_20k_hplp_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash ff9a335cbdabb82c5c45e599aaede02f
d9d9caa1e81ca61408e4804a48ac1c37f23a6c18
f3327507c7327c8a0b7e2777392cb742d54561b12e8850da60e75bee26c2292d
GET /assets/images/contextual/responsive/lpromo/autograph_20k_hplp_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63acaeb0-18517"
last-modified: Thu, 20 Apr 2023 01:30:24 GMT
server: Akamai Image Manager
content-length: 6818
content-type: image/avif
cache-control: private, no-transform, max-age=1043554
expires: Fri, 16 Jun 2023 01:31:05 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=1043554
expires: Fri, 16 Jun 2023 01:31:05 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=1043517
expires: Fri, 16 Jun 2023 01:30:28 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=1043806
expires: Fri, 16 Jun 2023 01:35:17 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=33035
expires: Sun, 04 Jun 2023 08:49:06 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=1043540
expires: Fri, 16 Jun 2023 01:30:51 GMT
date: Sat, 03 Jun 2023 23:38:31 GMT
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.9200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sat, 03 Jun 2023 23:38:31 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=zpeYLb8X1i3ufvO4s1qs3w%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2269
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:38:31 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xJ7LE0QQvBaIymM20PH8ZQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=xJ7LE0QQvBaIymM20PH8ZQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=B0AF1779AC60554512A46F87D7E42B13~-1~YAAQ4KDVF+wDAHmIAQAANniggwr9DW2EJ8DoAJH4BkHFjRtBl/bmDpZ5H7YkC6Qq/Q8cXY5tsU1wMOPx0IpIvomUmj94b7RsQGuNtJKXGCSDYO58WgfrkWcWl+6pR2ykH4tvvjDPzsCjj8znWNiPwuTBDO+Jyocb/lEN/+TiT6Mbj05lhUvkV0b2bK9228Sz6vQiag8izD3un/c4hEdh0/QljzwMhckg/qYEbhoFkDBYgpIqdSCRlbt0cghzYImSJXHy5+8tUpU0Sx21MP5lOv02qJ3ZWe2Wru0MadaiU+y6pW1B1yH6O+FvWnhSlVqRDBHUrn0u15xfc8zhWzFpom0U00FGKicrLMyEbXe5sAJJTcwJfGkqcxxUGDSZmysG~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:31 GMT; Max-Age=31536000; Secure
bm_sz=ECD0A319D645421F7E3F60082DC1D5E0~YAAQ4KDVF+0DAHmIAQAANniggxOB8sTPbidSLcBZn3Eij6yM8+Hug4br3rJOyuUyJ70hYlLSFtulHjmcnH03PljpULbZKBoQrhqq9FkzdSMoQyv32nO41sDrYtmf64/HI7ArpcLri93xMUoAcVahga0DE3R8/Jyopep6FU6LFxAN5B1CqUagTE03VfRfMI2JCY3/2BbRXStnHHzjckzaiKwsL7eQshmhGqGQI9oeQRSwwh8Falh/avy/pFJdlo0SMqOaX1GeBFA0SX5/dJah5XYpwwn15y8ZslfJM2IXOWCRy1iCtWbT~3163457~3229240; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:31 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef7_kf175_11820-51854
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=1043492
expires: Fri, 16 Jun 2023 01:30:04 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=938344
expires: Wed, 14 Jun 2023 20:17:36 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1043364
expires: Fri, 16 Jun 2023 01:27:56 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1043500
expires: Fri, 16 Jun 2023 01:30:12 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=1043519
expires: Fri, 16 Jun 2023 01:30:31 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=1043738
expires: Fri, 16 Jun 2023 01:34:10 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=1043408
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=1043409
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Sat, 03 Jun 2023 23:38:32 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2736
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:1$_ss:1$_st:1685837311169$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:38:32 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=1UrUbHauyKbbPkHXu+e4tQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=1UrUbHauyKbbPkHXu+e4tQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=41CDCF1D462A25D8DB26A7407AED4762~-1~YAAQ4KDVFwAEAHmIAQAAI3mggworEU/dLp4lN0SMKht1hkx9ShJqAA9zkdaQdIcVPvn+lLPAy2GRdGkv+7uGYyTGTxGuVNCwgUf+Ew7Klsr/zf91EVGi0R/oyoQ31hHrnecuBgY1MXJCdv4bfzDGUu2r2cnEmxi7GfJezB8Vp1VbjmjYXDek3JyiONRx6gxm2iuKlVvV59wFiQfxyqH3qQ2a/OInmqjqDw0YZxlRyv9EgBg/YzZaIrFBf8OLeUWLu6xOjJbXeAOh0/gpPU+caBTP6xN90TjO5WejEEFre5iN/0L+s9V/bcHV9vlFZNTEXG67VmIzG8Lot1a7v/7sDVNCUor5z5dlsFlE9QN7tt5Zh0Ef5XQsrhXGt5RW66ut~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:32 GMT; Max-Age=31536000; Secure
bm_sz=4C1412E52763981E05400DEE4026090F~YAAQ4KDVFwEEAHmIAQAAI3mggxPTHstcWxslGNJFv2tr7t3gAnwCex0zicfZkBybLb9XZ/kyUmov22KiH0m9EHZ8Q0ynoJ8LHaXZHS7YYYdUa22JddNB/Z/Wy5omLDiLEy6V9yNBT83afUZxTAfJg9rv+lQshE7RDGJM9GsPJVn9hoafVPK6uPMqhqLxPfICgOXgcX55QtEqa828EPJHiabZobIHTYjni+ko2YaUP3bv7r2L0R4hKyYYaYm8jjqsqKlGUQsmX0lxaZIpPIYr5bn0iwfMoD+7Qg6zpqxxebM2j1kXIHF2~3356464~3621186; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:32 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11820-51865
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=vQmOp1T2gsSG8a00SX8VBw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.9200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=S0lNyrmUh3uTL1oE0QDXmw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.34200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=JNXiIBQFmHCWyyWDtdrK%2fy+miQfbHyunmylWhd7Fj0Q%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.34200 OK 150 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150243 bytes)
Hash 236e61cfd265c7a6c8c1714dda281535
ffd5187523ce7dda3adcd858222b55012f1dd14e
fec3888725ddc74503469910d0903c179d3aa1dc68d99b599b35126148f705c5
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:38:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A315oIOIAQAAqPbVE66SvTMaEVLshWGI3zuXrjE0BLdwPfjZ5K5Cz2gCtLI7AVtaKpqcuNk0wH8AADQwAAAAAA|1|0|f565969401936c5f24fba763538c4ec555ed58f0; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=ovOFiqJBc1MIwc537CaGXP5Gu5SRVLn36OACkZ1lWsI%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=9n6H4Bvp73ricTwqeJLB1g%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=lJSWUcf+%2fyH1XwS0ydKoHw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=kkMWVuXo5peYdctTmmPzaQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=%2fmAjaCcXYzNgHj+GCILNtw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 2ed10e1a630305529c30335509a77298
0ec08d5ab5adf6c47a59091bd4006848d272c9ab
a629f6f1df17305b2ac7516e454249cb04959bb3cd84158ae76590ce5636cd1c
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------286399904434431632402000539195
Content-Length: 171
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:1$_ss:1$_st:1685837311169$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:32 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=sES+Xa+AGieasbIb1ZBJ9rvyyJg5K9cHHQsqfQY4ooIAFVB1Tc3DcGhV1YPiWt0B; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
_abck=63F7480E97BE15DB482C7436E1CB47E6~-1~YAAQ4KDVFwwEAHmIAQAArHqggwo5ws7ZeTKgBs4LkxKBMJqlD6KQkmpTkEzZthr7NXGoPePEdG8NWvGccTe/iCJl09LoooVv77fjTQYtzI+XmjH5y6jQi/33D35fal++fxVTPCixWvXvoqTLDJtdqyLQZE4NhKYYzuXcmtFJ3QbhI4mJxnH/jHuWNYxTAHJrOgwZ+5zJnYfQsyEz+XnYjmmsLYgmWIfUX4RwpUosxmaAoWGY05ODhzU1PwIDz+lbS0csONUTfJfdBOjqNu1VTBj6gTz8VOH/EXQ4KtU4OVjF4UaXssPSJbyh1UblTOsNmWFgZMuCffXaJ1csqleGdBmNSIb7wUpdO+qSrZwsKQ4MvELjahQuXB41rt/YuveZ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:32 GMT; Max-Age=31536000; Secure
bm_sz=70F1DE8BAFF0989F6071ACB0109F6460~YAAQ4KDVFw0EAHmIAQAArHqggxM/OxEQbOYw3aL+uNsJBHYQI5PZVmQ1PJOfOais4IFOiI8kRs82ySD3fhH+1YkpZgQ7/ExfauzYhWPIz6iZMb/wMtw6p9TckhJlfEfcIwjLQV5jQRypRMcYoanUlaFRT/zMgh0pMWmzEbOO5swkzwjtxE67Vt6Dmrp9olFw7jJUd2Gq44xBThzID/U0VhAAtTR4vIxczIQ9HPrCBK/PRUTlt97Ew3znsO4kednu4DjQDCPLcfRXFeMnyUDYFgh4EW4SEZJkoXYw/sO3bpHty/GtSbhL~3356464~3621186; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:32 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11820-51868
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
23.36.79.24200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=oAORNWrN6+ig5mHzAYdEuA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
23.36.79.24200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=744TaAZmS0MEoDjuofLMIw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
23.36.79.34200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=U2OQJ+TA8JlYeVYG8l0rweU+ZztVxIncGxj+zjmXIRcN8apl%2fGcGXfgqyIs6065h; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512050&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512050&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512050&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:32 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=HlfF8GCrZzziWgYxHxwNoMiMXXMvsCiA6f5CO8bmJbo0hMIGFndq2nAePTf6K3hV; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11820-51873
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a%3A0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pv=2&f_cls_s=true
23.36.79.9200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a%3A0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 6a9532c4a0e69b084f65f430d27c9c08
87adddf2cc8f824590c04e585c3f83d287a789f4
1aec2c4ec89a2ae309af88b7d82664367d6e88bc98c4a4dd7250260a756584d5
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a%3A0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; Secure; SameSite=None;HttpOnly;Secure
_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!wO67E7n74n1q1OLpnNE5eVRfS7HzY4MDYzkXEZ8WMJ+AEYr+RuQwf6lhtLWPXNv1gj8Up3VJNX7v7g==; path=/; Httponly; Secure
DCID=2Tj+HznPEay4%2ftV32AP7F2uTwyfvGs0IhTW6zCohxn2OhPTDV7LoowQZG9B+V9tF; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.9200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=cEwlRrtnl5FcwZunDr3ZWg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.9200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=YxbIG2AXeID9CG7dk%2fZMmQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/jsLog
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:32 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-3fe25451-fbbc-4b5c-b913-5928e787daed' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:173; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:90f6e593-4e56-4b70-aea8-4ba236cd7725; Expires=Sat, 03 Jun 2023 23:39:02 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:90f6e593-4e56-4b70-aea8-4ba236cd7725|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:39:02 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:39:02 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=20ECCB99D4C9B5F263451D7A0F74275C; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:38:32 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031638321333101524; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:38:32 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Sat, 03 Jun 2023 23:39:02 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:14; Expires=Sat, 03 Jun 2023 23:39:02 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:14|d:1; Expires=Sat, 03 Jun 2023 23:39:02 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!FTlEa8mOBB5GVorz2xKqB3cO2dndHvBVp1vFYapMHG1GJHrWJ+1rUqQ1m1lZJ54X88eV17NntTNGQaI=; path=/; Httponly; Secure
DCID=hku%2fyx3hPHLvvktbIcEKbd5gHY5FEHxhKqNauji8h3WpPfVPIA%2fyATxMUosYavMA; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
_abck=1D34D7B7BE5606B35DF147DBC8650B3E~-1~YAAQ4KDVFxkEAHmIAQAAZ3yggwpHEWpQm6x674at/AIqNcnTAisgG9Sh7vgc/Nw3J+k/Ez/mMiwctW6Wffrr5oISAf48+2lGOKxZZatGMGi4ru7xl0CoAX15Q0KWOfH4uYlmqsvk8wrtjlkqP0bssPvTX96WFlzVMeVjMnxZVSmq8XMu1ZbaOdikNCP6ydMEyUupwLs68iMH7rGFFJXybh/wfu0s/N1N4/Gvu+PGqBaQY3nHRmmUnns8YmvSs4XjWmfZY9/N/Vo1DAYGKS8D8vpjlSqwEzWSyNAEahmsK0W6UeJgeOd6FOIBUennyk2oXVifr6YlIFOC8hcizvXa2ydvj8fEKF8b4Z5OIgR8q9rKgwz17NHfwFF4koeQwNBh~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:32 GMT; Max-Age=31536000; Secure
bm_sz=B6F187F38256DBD6C1F3526D4DB4DCD9~YAAQ4KDVFxoEAHmIAQAAZ3yggxPWSEkowueXGNoGs9lTwjeAXzUlAEVhXJzGvelFOXGseItwW18QHGTZVYEGT7Z3T6Aljb9CPguwrbP5IzAMGPgBu8+lTefkiA6MCHcM6i5S8qQ1OwmbIutQ8TAXGV0sLPLiNASx8lkQvlR9CFXOpItAxTByYVFodiYWi/bdz/zWxAloUdxEEy9fFEkH/L78idOivaNhyc7yRNC47pMP0TSYvvdTEuvv1KS1AvocCfaYDFvVwphXYloxPTeFJapHhg1OfO/Or7earH1ZUlUkWOJfoEsw~3356464~3621186; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:32 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11820-51879
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512322&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512322&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512322&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:32 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=4keJ0qP4KVnG8xUzEZX58yG2r8w%2fGjqBBpWk2Y%2fGibBoRntYznhJt3RwTi8NtuSt; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11820-51884
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.34200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 632f7f6682aa7404d44d1ed187859ccb
3f3f64ee45210ed5f8ad8dc099ea2f329a408299
52a50183437083c9ebbc19d2f50e72f1b19228830eae0afd9ead761b15ecfac3
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37188
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:38:32 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=B7JP3lYmg3tHaATjdYzMv+94Tn26HISUEbPzVlvwFRB61XxsD%2fEJXAUZvt8dp+pc; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512330&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512330&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512330&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:32 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=DLz+5m2dH2gYrf3iuimt%2fHYkEB4KpObK2gikcnExsv94Sn+TldANtpID4dkqeiYf; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11979-49924
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512339&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512339&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512339&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:32 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=JF%2flOECEiIxIWPT1j2WKwdD6uyA0JWzYTknfy1JbBKY0LCWTuDxX4Dmwpwjs6KWZ; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11727-60209
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.34200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=HByed%2ff77GegHPcCh8rlkRlchqe4cGsKceiRrGB0qmk%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512334&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512334&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512334&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:32 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=4NiciP+WHu41m6mgVv7G5BIp1oKfbFEdgPpU7AgmAmfyKersPNgrToHaP+I5h1QU; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11979-49925
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=5FDpN+6wdX8l0HTU4fLZ5A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512348&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512348&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512348&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=U3SYeE3QkGNU4ZCRtdPLPGt%2fXZunMXxoJRRH84HiqRtnTYNyZrhqgK7nd+Iflarq; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11820-51887
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512353&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512353&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512353&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Pusa+ECtmZN1kKwYeVHm361UVdRkcgMoC8wmHRmEKzOJqVG0EpWNlMdiSXYuQr5B; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11820-51888
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512358&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512358&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512358&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=57AlXyRBhto9nTPTgCe%2f2fXZEL0BbQhYBMrteruTcsQ%2f5NufOq2A55cL8m2ImPZx; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11979-49930
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512362&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512362&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512362&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=9jLk5%2fvf5jObBDFfS%2fi8Dumyp83ELC6sm34e4JDS0WuiVkfi78STQl5vVwksBLok; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11727-60214
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512344&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512344&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512344&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=S2q3NxIZtVy261uKmsnomTqroeudOEOy5GPd06ARQV3YajbmUSn5QySGSnVfECNL; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef8_kf175_11950-18177
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=1&cfg&pv=2&aid=
23.36.79.9200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 6a9532c4a0e69b084f65f430d27c9c08
87adddf2cc8f824590c04e585c3f83d287a789f4
1aec2c4ec89a2ae309af88b7d82664367d6e88bc98c4a4dd7250260a756584d5
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2801
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!GLuN85BCSz/YD1R54TfMmyz5FQ342XbBYSJnAF2xrwIL9rp/DfapDJEc8NGzyiSlXRDmTxTAqveMBdU=; path=/; Httponly; Secure
DCID=DJpNXQl3JOAyJfJLIdAhTZr0%2fp+UkFifO2XOW%2fB8NL4%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512373&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512373&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512373&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=KLj2c5jMRrTbEEXcAdEExvxUd6%2fkq8a8ktATY64TC2vTjKStWM2v2Gqlx83WFE3a; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11820-51895
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512369&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512369&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512369&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=fVAOPzy09MwYgKZXx0BYkMnvT8XMpgTgDqjNQPETxL3Q9j%2frSf28dMfNcEKWE6d0; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11820-51894
ort.wellsfargo.com/securereporting/reporting/v1/csp
23.36.79.25 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: b31de650-cf1c-419e-6627-c232fdce43d0
X-Xss-Protection: 1; mode=block
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:1c76053a-21ce-4fb7-8cae-0aacaeedb1ac; Max-Age=30; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:1c76053a-21ce-4fb7-8cae-0aacaeedb1ac|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:1; Max-Age=30; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:1|d:1; Max-Age=30; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
DCID=ZvwVctG4xoFbiC+L4Tk2%2fdgdnPTv8nKNKeAVXFaT11UdJ7K%2f4i5BW%2ffcNIFMxgkU; Domain=ort.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
_abck=FCA19D74D65DBF77BF070D8F2ACACD5D~-1~YAAQFU8kFwWd6EaIAQAANX6ggwrFmILC8/fZGWbVwUXGs252UFi+JwV0oZLeFPSr/8iCKLElahw2E8bCQVmejxvKG/YEHzgsTpinQShpi/NYHBnz3bqXxWSa/N+07P2B0PZNBfdkaMwY9xQODA8KkguCxVs5BKqhJsvfeROt3+eK1Kiq5BwZXkLu7/9D8nvVCl2/5CBGGparJ8usTU8up+wPMjBlr1CXHApv7lQwHJL2Z5DTy8NLLWl/G+uZ1DjC2+gnebkNRDPPLnLL5zdhhGk5k/yB5BTz0FGydYwo08Zf1PEXYTgbIyR+S6bNBVal1lJTZtPzxkwBOu5ry2ErV5s3C8PvO9VXG92M1gVHWwIUgwCk9Zqu5zT1/8cYTs32~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Max-Age=31536000; Secure
bm_sz=B43AA7140356456AD77C4870C8346252~YAAQFU8kFwad6EaIAQAANX6ggxPKwxEUzl7W8yIVa8thFIu9Qs9CENc730Ot6wT+dQX1DzNzOt1rxx9xndIuN1QHC1DTgZoczpGnEE4Yr26oHHeDed+XYdfFxCYEk7nqm1eqWhiZYPHEijQcQ83rF2TBfuCQTUSxCZFfpl267vcLVT3by0DjuVrhEU06AhwGIc0Acbu2Wte7wzeMAS/0k5BAiAINZT1G5dI8rN6Fj4suJC54A15XgUsptOH9T6Rw7c8TEAqnxel7DXK/kQgk1+jsM7psnVYFLpHZYI/xgpgxHumFoSiE~3289670~4342595; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:33 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512365&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512365&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F&cb=1685835512365&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:38:33 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=bgV4%2fsq7qgCzaqAoK%2f06ytFxNBmX%2flHl6iva+1OIfhTAi%2f3FEHpfVH2qPjKBIk5l; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11979-49932
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.04347562996627519
23.36.79.34200 OK 53 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.04347562996627519
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash e6f80eafb225a30cd153055ddc606817
2d1f9ec999afdf2011debd23b40ef46c8a72b34d
db4e62a389c42331e5cbe350263f035163c46eaa5f033ffd96ee4939ecc3f0fe
GET /PIDO/pic.js?r=0.04347562996627519 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52558
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=5yPL3WR2x9zL+Gp68TV0RkJFTlTlv3C25wJklI+CmLeyTlIy3lc6khg75ebPOh%2fC; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.9200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=m3IWW4CYaxEFEvHoBkAOeQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 973 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash b7740055679382f901771d39c876e94d
554d80b840b2864b559d2ab7804df340314fc478
798a4490eccc149c09ca8250a20953988941b1bc24240d54a29dc907701227ef
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 973
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-abc8a7c0-ade2-4c46-98cc-d3c7aabfa93a' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:173; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:d0ea93b9-724f-4fba-83ca-cd9dc8c25f06; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:d0ea93b9-724f-4fba-83ca-cd9dc8c25f06|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:64; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=79AD18F105CCA2652DFF87756F0CAB40; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031638331410743888; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:38:33 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!KlmVkLhb078+yFbz2xKqB3cO2dndHr4r02hH/QeFpLYaZLpdD8mWZIxs1jcrslGOlSJxwAooxI5N1l4=; path=/; Httponly; Secure
DCID=%2fjuvHZbqE5O%2f6ea1SvKS0Vsx3x+ZGKEaVgfbQoFb3htOMo9gB2g6NmcRuqMu9OxO; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
_abck=A2F0470359CEA0D2A1D021636A630381~-1~YAAQjtAXAitESIGIAQAAln6ggwo5hNEaqxIisR0OFQDUt0jMOZXbq1QU23HzjD0QyFcBYq1KOb1YG5iG+hhKvNWZ3jo6J+sUfYcrL4RPJvDWCEXQfTnC2JZzsxaI3C0xE4mbG9YiQsOWmOCc3ztFxwuxRr0q2k/KXZCvhb5upV1OtPlJNj1yE+NZk31TcwUMg3dhGQTJ9QnfSLsm9+M5wGkDEoxtXRbAQn+7PleFNbv5vPgL5til1psstF4ptTFGAn66QOpBUHIVDrS6OcdaBxeJ14C1Y4tk1SKxXp/gLC5WcclYJjB9qtXOfEFwj0gIwWs3vRiwKZDRncePtPz/1ppKmwGKlhCsTWHT1iSbPe3cTlyIwEoTuU6d6rE/CvIZ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Max-Age=31536000; Secure
bm_sz=D26A134AFB0F069623C97C9805964546~YAAQjtAXAixESIGIAQAAln6ggxP9OV7KNK9Ol0Ttw80zApeRBNK2Z7Gnq1VO6vHTJUdJJZlWJxjuzE989eIsAEj33uLIRWs9SO0aqFUwYnKKZKGSn19/AbYR18AUe8mYfn4/oV1WLMITYil654kgzrZCQbravq3H58Mut+XbXZ0P3xgvN0sVfUoGJJUndPBHmnlfWhqoDgH7LkIGt2YP/qCjHZdFGINyKRsSGUCvc7/br8EDjZ7e+U4sYG4G8rDaH/fWht/X1VHy1A/PNjT8//4nIlMGuvImyD233BSW8GL9WxFeDNTK~4604229~3228724; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:33 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11979-49938
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2437), with no line terminators
Hash fd66d0b779a103a192830e08292cde5e
cd013ba256c7a1341dcc211eeb03a4500af1af04
90c01b714fe900fe2b99f3efe90f07921f3004328d9c669c20830dde6b6dc227
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 264
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-81433493-2e55-4376-91c7-be7621384c15' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:173; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1a51f5ba-838e-45f2-80de-2da3e2d73486; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1a51f5ba-838e-45f2-80de-2da3e2d73486|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:62; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=9FE9DC033E89965321222F51D0EAF1CE; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603163833586744165; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:38:33 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!g4lwSux0il0X7Pjz2xKqB3cO2dndHhhtRefZ6v7fAekX7uLJpXjmfEaJ0NdHwFh4HrZ6ek4TPtFUGqM=; path=/; Httponly; Secure
DCID=bRTSEGnxEI40xhOvPdff8Tt2Qjo4zhWDt2+5OMsGOUBq%2fBcKkX%2fnKo1SVqr0r5pn; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
_abck=C5E4723183A014303BB5C3FB825DEB52~-1~YAAQlNAXAg254HaIAQAAnn6ggwpLrvIhJVT1gStT6dppGLToVFqQAU01w4Q8fvl3qcEr2bOLM2o+LGQsWFNb2+2hGLc8Q+9AK6V+rcuFiTu+46Vqg76Atec6s4HDoTvykcLNmB5Fqvq5uLD+xje81cz0Y/W+nfBgzz+qE0XNcENfqvSTrq/ccOBYUiZv/+B1CbgpNS+f6CottiPDsRXSKEtWmiuMQ3clNCP7YA8sEHGPikzGYKY3cGBVNo8b5dKhvowI+Vj8G6n8ehcWdE4d6tuymZgtiQMgh8nS3UKond1hVXds9qfSwYwnIH9zDJSYGdAVLZfQar+UYCBVKP6UcZ3Uluz3HLomuxD4d7TVoxIvUongxbaJdD+rSlON8hyf~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Max-Age=31536000; Secure
bm_sz=F6062099C15D20353D171825D3EE02AC~YAAQlNAXAg654HaIAQAAnn6ggxMTuqJG7Zsrp6m3QE/uP85z0yBMpYSucXDJ6sOXHvrpm+2j/IxXLiGyAqmtTaTMRt4HfaRPlBCYduO83F/UT7QY17y4+les8MV9h1CC0WyYDkWKF8yhPsQf3nlM6yrClUuHXoLhbNtgE755f6eptKOJ0IVNpgqad24hnyvCNgueP9wBF8i6mZMBO9yKmFK5ZWYpEBkDb+Qckbp5KOtkLBlZ9yeQ2q5U7Trln6u6bxsqep+vewozAxKgHmgMS7P6juyQdIoJVJ/z1/YYCcLc992KW9cw~4604229~3228724; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:33 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11727-60216
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBBdU4yOGhKUzkwN1A1TmlVblVEeTF4ZkZNOXl2VEFNYVdpbnJuQittMHZQTWZSYnZkNk1qcUkxNXZ2Vnp2MnhuOC9PdkFXR0Ryb0lBVXJ6ZXAxaE1EYTFmbWYyY0M1ZXkwQzloMzFUTFJETWk4MzNjV0h1T0J1dHg3RitKSEdoN0h1NTF1dVpjZTV4SFRsQ1IwZHcrQ3p1Y2ZVMVIxWndkK3c3NW45R2R5VVl0cExDYVBNMHRqdFphWk9LS2lXdmNybENsNDNobjdCbDR3dE1ScGwvck1aOUNqNW14VXcyMXhvVEhBSnNPYnR4SmJyZUpoR29EVXlqdDRSNjJCcnRydlFJVGRUbXNrR25OamJ3emJDY3VWdTZmMFJwbjdQcEN1WFZ3aTVrPXw2NGQ5MjNmY2QzNGJlODZmNzBkNTY0NDJmYjE1Mjc0ZDlhMjM0MjA3Yzk4Nzc0ODdkZGRiMDE2NjU1MWUzNDFlNDk0OTAyNDFhNDExNGMwMGMyMjdlNTI2ZDE4NzcyYmQ4MmJhOTZhMDZiZmJmNDk4YTk4MGRkNDM3YjUzZWM3MmQzNzI2Y2QyY2Y4NDExNjdhZTc2ZGEyY2ZjOTI2ZTc3ODU4MTgwNzQ4YWM2YzA2N2EwMTMxNTg5OWY4NmYyMTlkNDAxZDUzYzRlMTU0NDlkODgwNTE0NTBiNjA1ZTllN2JmNDgwMzUwN2MwZGVkZTUwMjUwOGRiY2E4ZWFjMDBjOTA3N2FjNzU4ZTM5NjlmYTE5MGNkMGQxYWQ0MTQ2ODI0YjNlZDdlMzUyNjZhYTlmMzU1OTgwYzQ4ZjNhMTQ0YjdmZjI2ZDQzNTgyZTUxZTRmZDA0ZDk4Y2IyMjQ4M2YyODAxMzg2ZWI4YzZlYjgwNWY0MDVmZjg1OTNmMzcxZGRhNzg1NzQ1YWVkMjE3MjljODZlZDJlOTNiODJmMTliMzhlMmU3OWY4OWU5N2Y1MDZjYzhkZTJkOTYwZDQ4Y2JiOTZiNzE3YzMzNTFmMjNiYTAzMTBkOTVmZjU0NWU2NjQ1MDdhMzE4MzYyNTEwYjQ2ZjA3ZTc3NDc5NjFhNTBhM3wwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com&t=jsonp&c=hbzwfgzkhixrmfod&eu=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F
23.36.79.24200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBBdU4yOGhKUzkwN1A1TmlVblVEeTF4ZkZNOXl2VEFNYVdpbnJuQittMHZQTWZSYnZkNk1qcUkxNXZ2Vnp2MnhuOC9PdkFXR0Ryb0lBVXJ6ZXAxaE1EYTFmbWYyY0M1ZXkwQzloMzFUTFJETWk4MzNjV0h1T0J1dHg3RitKSEdoN0h1NTF1dVpjZTV4SFRsQ1IwZHcrQ3p1Y2ZVMVIxWndkK3c3NW45R2R5VVl0cExDYVBNMHRqdFphWk9LS2lXdmNybENsNDNobjdCbDR3dE1ScGwvck1aOUNqNW14VXcyMXhvVEhBSnNPYnR4SmJyZUpoR29EVXlqdDRSNjJCcnRydlFJVGRUbXNrR25OamJ3emJDY3VWdTZmMFJwbjdQcEN1WFZ3aTVrPXw2NGQ5MjNmY2QzNGJlODZmNzBkNTY0NDJmYjE1Mjc0ZDlhMjM0MjA3Yzk4Nzc0ODdkZGRiMDE2NjU1MWUzNDFlNDk0OTAyNDFhNDExNGMwMGMyMjdlNTI2ZDE4NzcyYmQ4MmJhOTZhMDZiZmJmNDk4YTk4MGRkNDM3YjUzZWM3MmQzNzI2Y2QyY2Y4NDExNjdhZTc2ZGEyY2ZjOTI2ZTc3ODU4MTgwNzQ4YWM2YzA2N2EwMTMxNTg5OWY4NmYyMTlkNDAxZDUzYzRlMTU0NDlkODgwNTE0NTBiNjA1ZTllN2JmNDgwMzUwN2MwZGVkZTUwMjUwOGRiY2E4ZWFjMDBjOTA3N2FjNzU4ZTM5NjlmYTE5MGNkMGQxYWQ0MTQ2ODI0YjNlZDdlMzUyNjZhYTlmMzU1OTgwYzQ4ZjNhMTQ0YjdmZjI2ZDQzNTgyZTUxZTRmZDA0ZDk4Y2IyMjQ4M2YyODAxMzg2ZWI4YzZlYjgwNWY0MDVmZjg1OTNmMzcxZGRhNzg1NzQ1YWVkMjE3MjljODZlZDJlOTNiODJmMTliMzhlMmU3OWY4OWU5N2Y1MDZjYzhkZTJkOTYwZDQ4Y2JiOTZiNzE3YzMzNTFmMjNiYTAzMTBkOTVmZjU0NWU2NjQ1MDdhMzE4MzYyNTEwYjQ2ZjA3ZTc3NDc5NjFhNTBhM3wwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com&t=jsonp&c=hbzwfgzkhixrmfod&eu=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash c7f83de4e452f701f97b68962406ad57
c5efc914cf043fdfae86f9ca5d7926aa8277cb98
88b0656ff0caae02e31f5cc74216c6c8206fe3ae477626abc5594b2c1aa7af0f
GET /AIDO/vyHb?d=ZW5jZEBBdU4yOGhKUzkwN1A1TmlVblVEeTF4ZkZNOXl2VEFNYVdpbnJuQittMHZQTWZSYnZkNk1qcUkxNXZ2Vnp2MnhuOC9PdkFXR0Ryb0lBVXJ6ZXAxaE1EYTFmbWYyY0M1ZXkwQzloMzFUTFJETWk4MzNjV0h1T0J1dHg3RitKSEdoN0h1NTF1dVpjZTV4SFRsQ1IwZHcrQ3p1Y2ZVMVIxWndkK3c3NW45R2R5VVl0cExDYVBNMHRqdFphWk9LS2lXdmNybENsNDNobjdCbDR3dE1ScGwvck1aOUNqNW14VXcyMXhvVEhBSnNPYnR4SmJyZUpoR29EVXlqdDRSNjJCcnRydlFJVGRUbXNrR25OamJ3emJDY3VWdTZmMFJwbjdQcEN1WFZ3aTVrPXw2NGQ5MjNmY2QzNGJlODZmNzBkNTY0NDJmYjE1Mjc0ZDlhMjM0MjA3Yzk4Nzc0ODdkZGRiMDE2NjU1MWUzNDFlNDk0OTAyNDFhNDExNGMwMGMyMjdlNTI2ZDE4NzcyYmQ4MmJhOTZhMDZiZmJmNDk4YTk4MGRkNDM3YjUzZWM3MmQzNzI2Y2QyY2Y4NDExNjdhZTc2ZGEyY2ZjOTI2ZTc3ODU4MTgwNzQ4YWM2YzA2N2EwMTMxNTg5OWY4NmYyMTlkNDAxZDUzYzRlMTU0NDlkODgwNTE0NTBiNjA1ZTllN2JmNDgwMzUwN2MwZGVkZTUwMjUwOGRiY2E4ZWFjMDBjOTA3N2FjNzU4ZTM5NjlmYTE5MGNkMGQxYWQ0MTQ2ODI0YjNlZDdlMzUyNjZhYTlmMzU1OTgwYzQ4ZjNhMTQ0YjdmZjI2ZDQzNTgyZTUxZTRmZDA0ZDk4Y2IyMjQ4M2YyODAxMzg2ZWI4YzZlYjgwNWY0MDVmZjg1OTNmMzcxZGRhNzg1NzQ1YWVkMjE3MjljODZlZDJlOTNiODJmMTliMzhlMmU3OWY4OWU5N2Y1MDZjYzhkZTJkOTYwZDQ4Y2JiOTZiNzE3YzMzNTFmMjNiYTAzMTBkOTVmZjU0NWU2NjQ1MDdhMzE4MzYyNTEwYjQ2ZjA3ZTc3NDc5NjFhNTBhM3wwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com&t=jsonp&c=hbzwfgzkhixrmfod&eu=https%3A%2F%2Fwww--wellsfargo--com--1t49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=UKGQbsLHvpnpAN8ZrOlz8QKfcqwrNDSeK52ItFYQbSZdCQjpfvBQF3UR3mkJ3tHy; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
_abck=E11392D16C1B286341851A2702A4972E~-1~YAAQFE8kF0J1NnCIAQAABn+ggwpLbxwmU2bJ9swa7S24rHQYZ9I56T/4Xd/540fIGxXeURlV1YBhYsSTjmqcUl2X8nUhUiX0+W/Fkmf250bF0vjS5KMhtoItknTGFfIJpOxiOhRZ6fYBXcffUVUdpLGHL2TMcd0/mjvfs3EKeqdqdQneJabVDeGtd6n//sVcfUooxyx5qKpAqm8AE0y1RkDqSUkDHQuCCUAHwS+WjJAKJzT4XPf7u0aWXmC1scvOvFMUS/dK1VryAH41cUtJ+S6dKOqwwrrJnEUNcDitn/7hMUbqY4Mk+UjKsTtZWTc3AdnQs6zQjMUeSiQnvWkfgrLxjKgDEsece4mJMbrRC0TFwRlIE3qQDgrwHhag8f2y~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Max-Age=31536000; Secure
bm_sz=05BDBAC87D131710F0BFB702181E2DD7~YAAQFE8kF0N1NnCIAQAABn+ggxNiDgVjN/+4IIazBMDWg1NYkEkh+t163jJ42OxmQSoWPiVxC81yDUSlzBxIJnvyI47NvD8+XS7s6NfR9R0pfE5aox6HVCnIghJc2V6JRsF3zNQ+DYDCUCBVEnDFROS/cL3N3e1qmPA9HJGtGbDH319Lg1fFYVPkjhBFYJRCFg6vaVQX6JxoQi2LZrFJ4EhXEbIspQ6DM81yR2CwouqnwwOH9btFvTkxSDL0Z0yzRxTPwHGVt3ijOSdwlf9QfKPiVmt85iq8R9wCne8E31wmfkRDLzcE~4600118~3420230; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:33 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
23.36.79.24200 OK 147 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type gzip compressed data, max compression, from Unix\012- data
Size 147 kB (146982 bytes)
Hash 2a948ca5203844f0016737b54d9b2b67
028762b56d861c7f2f89fcb5320e45e210576375
db1faa97bff390f731c4ac97d7bf648424811b971e7b6070a13dca886f18ac5f
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=0vXV8RGjPfNYwt0BpfQTqOvQN%2fmEUqdEsNCYWeD4P2deyQGhFhAXiNFDmLrCVPHd; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
23.36.79.34200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash 7791f2ff84d154b46506d913f30ee929
9e18863d3b2ea86b34d1de79e1f236d77a8f4d69
c4c31fbf39703dc8526397be75fc9c4d4569b93889513790794f5794e272fea2
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17863
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:6bed3190-9381-43ce-ba9a-8e6c2c1e99ba; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:6bed3190-9381-43ce-ba9a-8e6c2c1e99ba|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=MCML1w+Yn6w7zOwaA5UxkU6JDz0J+nEL5fDG3XGMeYuYosokr4lsSC%2fQ9BRiN4KX; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
_abck=4D6B19E9B3371101AE0C1CA03EE7D9E0~-1~YAAQHk8kF4KFR22IAQAAgX+ggwpyRro0ngGKGc+loWYxa1UO0wlpWZAgLA7jTtvDlTsURabdO1keYCsu2Ubj3O0C62DY5y6LnG6gLZXsGjhl6U/MUi7aTiKHwtMSgOeV3A9Pz3/5WRH48D+Eqh1f3YNQEGcX9vYHg6Aihxs93Qk2SyfOfAT+8tmUBZJeeKpVdEfZoYsza21abcqExKLloxJ3cYsEQYT09GYIDJkt5t+gLq3fQBOVbl5vbhM/cLOZZlMvgdA6DdqvR9pWDnz27HwZ7vvnbzAmOY9+o9MeynLuh+5b7CWIJeA8itYTj60zAcSTJW5vf9rbSz4LJnf2YPAHSoyDS/4lrLZx/nh+gT8+IUJxh5XH9w5T+KC7yzC9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Max-Age=31536000; Secure
bm_sz=5DA8FF2DCDA92E9C39E11036B4CCCC34~YAAQHk8kF4OFR22IAQAAgX+ggxMuWbqDNdLDqouIVPseOTeW+2d6ipnGVI4MgokMWv/mq6mENvIPK4SpQiExqns1l2k4dAKnT62wCOr9Y9dLezPFOpHrsY4PTpAhv0NTF0GoxAEx36K2LJTHNkSlFSjs7L0OMVQ+jd2xsSNEEZzt3+tRudPIfK2r0y9DP4rBEcdbF7jv5T2QocdHlRuBu3k7I5OoVhuRz+H9gjEFMyGzxYf6MdLlhTuk9GfANICfKNhhpr+claqq82Y/7Pwx+xt5WbxlsCpK7yGDMmPnBUfr5qHfgXSl~4600118~3420230; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:33 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 968 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash 71b6b5faadb6da09817b0340b75a93ea
f722f668d8e7c1cba32793f6275e7941126c7d00
a291447ac8e14ee086510d15356066bdae401a33fc811c3e8c0fba98c2bcd5de
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-1f797f33-47a7-450f-8dcc-bcadee89e198' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:173; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:504727f4-8ad0-4d2a-8f53-c4e5458d9900; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:504727f4-8ad0-4d2a-8f53-c4e5458d9900|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:64; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=A0DEF18B1B9D06CFD45BB378DAB9C50A; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031638331761601172; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:38:33 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!S5BqCf0MrL3B0AsMntjHYqEj2JIOPCs77LDA6mrCeCSaeZ2fi/4vVeVFZ9s0YMi3Tn6GBqPS8s7c5HE=; path=/; Httponly; Secure
DCID=k%2fUvAJhaJQChL7icHNnH3oSHnfyBj7xcT12FIxRo+%2fJh1rMczooAAuV7Vy9FdtBb; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
_abck=085A9DAA78E599E7CD48D404D4B13FA2~-1~YAAQlNAXAjK54HaIAQAAtn+ggwrrRjh+cVcAJJhUHannaT8+EvBTndACaGy/0NTzNCUT7ASaB+qc00n9H3v6rm3vUFUfQl6zy4G/0HLHyZUhup/XU481x/bAfr6sy7PUDsJciklDpdHT0LD98EObkTQw/4umLtYEc8DCYv+O1aqA2emBVO8ASfZrfnLSxEAimuBmy3eX/ocPukA9RcgzAKmxdyO68j+gCzwOtwKySkckdRfLtsS90af7Q0heJxDQl+odSjDfNT2y3QG1/16/ijOmBPTeT7OWEMcFbQsX4Xz6yfVA/c6SKhv6qHrcRvDI02IlEKrFDDbfqYGet+CC+9jdS8Y1zFPBwi4jWLXEc9cuUE6Yc/Ys8erL+DRvy+cQ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Max-Age=31536000; Secure
bm_sz=F48EFA9B2F341E1809ADDC2DC8A98AC8~YAAQlNAXAjO54HaIAQAAtn+ggxNhh7oJcDXzGEC4H5ct3ENz+2crVYVdeLXcoyl0ohN+4HwmGt/FLUQTS6aXGv07W6TYgCwfVxEqQxaO0C4uCTLhvdVqkbBkqM29E+6QRIsRLs0q7u1EFqLRNMHI2z09d+874o5lM6unIHxDoH1EK6ktxV5PcMWdkypQv8R3jqnZ0BryNyCabxw8OiWq2uBTjmhiaZ4Tz+JSEODwLT6OXiy1Cjq6PQcZpPDoezn3DaI/7wEnweaKi1qAZI45/m3Xh46mpx0GrHXucwk8JKbM0jkKrXDu~4604229~3228724; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:33 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11950-18190
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2435), with no line terminators
Hash 533b0c8d77da9f9d86c7628d1322ab99
9e5f86a8eb814a75592f98ed6422e8c5872952a6
a2a77a4ef4617f559e8d826e118c05c7dafd93994670e02635c14116f33de4e1
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:173; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:33 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-cc67eaab-f6e8-4436-9d24-6423112ca3bd' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:3112bd96-007c-4e30-a11c-043c50d412a8|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:173; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:b5586369-4337-49c0-9de0-644e18e7643e; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:b5586369-4337-49c0-9de0-644e18e7643e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:59; Expires=Sat, 03 Jun 2023 23:39:03 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=04027A6F85B11E52E2467A3EBEC0604D; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603163833910781382; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:38:33 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!XToceutKyG5GpIkMntjHYqEj2JIOPG9ZGBcCOe93beqGCrl8Wi6ttBGAJL/9hZRvzMJE6v+5F0ZULTg=; path=/; Httponly; Secure
DCID=SV0cK7KAxCGeaupnZ0ICeaEwPJCuyx3TI5+UovDl4F6Zofj6zWfnzUUixoC8Q%2f+a; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
_abck=605693DEB44CE9E4F2F9051A0DC03E1A~-1~YAAQjtAXAi9ESIGIAQAAzH+ggwoH/PoRNXPL86k9I8A9z+KdHCKeZBDxDW2SX+e1GRiiX9k1r9pPk2mh7LsyFt70utNsV7qI1QhuHsVjodt138ohn+NsriAO7RDCTuYUEMDsUyoLdLUPnQExrrhZthubb5l21/DcMSBt0gy6dvwHfVmQtE7PpKqWNGgxcp+feWac86qlQJa9ZC/DCQjYbhO7zXMr84k4kFSgkHCRAMinhA5kvf0m4HARKVoWq86NjuQzHm6fGyHb2/cq5K/vIR85xRyVyLlCUQnwMdEFOFqV986AQsnD/dE/EwsCBJbezawx/BX9Ee9krHAhufoER7KofzpTdK7LAGRqGc7h5fVRxLMzGfL5Ge/kqrFt3gSI~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:33 GMT; Max-Age=31536000; Secure
bm_sz=B2BFD7C982703C5EDBF739F665B3FBFA~YAAQjtAXAjBESIGIAQAAzH+ggxMx+vnLD85aFhyiGIFJyRMRTiOTFMqy5X8kxIEdSIiADV4IHUo8Db8D+ZjHivM2bVqgzDInHiyUTPqwKGOBiJXKdg1RgreWfxku9oRmy4lWijGBkHu5+nKQqkjNHbjkQKbTNSvYaijGhXLBNg4CrZonTYtGNSlqvMaBddZeklUKwvb7vYOROpSoBQjUg3A+PyV64R2TA8pnMIem0ObZcsJH6stjcrpUQCHQ3CjlcEz0IUf3DspdObu/YzPMSMbERXvDfYIE93+0jzKytk9tEzaxOHt+~4604229~3228724; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:33 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcef9_kf175_11820-51901
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.4663429930271824
23.36.79.34200 OK 137 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.4663429930271824
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136627 bytes)
Hash 1f97c6810b3f522ac4a738e9687a07d3
ffb293ef455cbb3d347fcdb2456298470bd7508a
c3e27e4d0e0e0bafa7cb3cffe08c24a02b972ebca20e9c776bc7f37dbfaf220e
GET /AIDO/mint.js?dt=login&r=0.4663429930271824 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136627
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=zOfJS2D+nHM48EZvCkg+DeQaAs%2fiJ6sveBgc4UXQLf0GgunlTytD%2fdwkdSKa%2fLe6; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 469d1669798d0267bfa123ba361f8f8d
29250d222bc7a6d932ce642f7b5f020a03b9afea
2b9f85df14c983431cd7c10b30408413d91ce0b1ce49489627cfe8b30eb7b1b1
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2052
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%2C%22c%22%3A%22M3Rybms1dFlNdUlhYnlQcA%3D%3DTHFBbCw570jVFxCd0RC_wyKFpo-yjqilv0lZnSDgmjzCKeEho8NVJe_BekLYCE3FGtR4kqoeFB_o5lJSGPtCO7iNY3Z4EtBNqKg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0; _gcl_au=1.1.1387682932.1685835512; ISD_WCM_COOKIE=!XToceutKyG5GpIkMntjHYqEj2JIOPG9ZGBcCOe93beqGCrl8Wi6ttBGAJL/9hZRvzMJE6v+5F0ZULTg=; _ga=GA1.2.487671488.1685835513; _gid=GA1.2.939517240.1685835513; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiNmM1WmFTemwwXC96Nm9KcWFaYzZkdXc9PSIsImUiOiJmXC9Jc2wwck5zZ2M2UVo4MXVuaGhJMGpcL2dyRFhPQnJDNzR1UTVtRklPc2g3XC9aY1IrUTQxRmxhQXJlWFwveElKXC9pSlp2T0Q2a1ZxMlFMS2tvdHZ1dWJQSDErdXZrNmxDanY1MWVsVFRHR1wvVHoxUGdHWnJkMnowclVcL0kzRW9uWVZJQWl3YURES1VUTldnWVJ5MFRsQnNnPT0ifQ%3D%3D.edbad6a0ecb4f79d.OWZjYjY0ZDU4MGViMjVkNDc3YTRmMjc0YTU0NjlkYmQzYjdhZTJkMDM3NDg5YmM1OWVjYjc0OTMzMGY4YjJhMA%3D%3D; ADRUM_BTa=R:27|g:b5586369-4337-49c0-9de0-644e18e7643e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:59; ndsid=ndsabtilr16n5hligmxrbj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RJCy3dl5tBXmjf8QXnYUTAGTLS%2fJNG43zcnHMTF32KWi1J1Wcn2Bb1PMIEUGjo+o; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:34 GMT;Httponly; Secure
_abck=9BD297E0D4FDAB0AE2A5E83930C5F391~-1~YAAQ4KDVF0AEAHmIAQAAOoSggwrX3BrSTybmcKrCKfwvll5lePGK3+KorLjh8z4ZGkY9CSCKJyBQvVkm7MvHKhJlwpTbZeGy1ApYoVrA3W9Qhpn+5rxEBPl/qiGBAiYa4YBV7OHZaZIH7zdFrUy8DqKp3TzYYK9QEwQN/MBCulrLpSyW7BQV4WIR351GJYhxPFBfAPJy31YyKKT058+0RxkY19Rup9BpmsjZvE0fD54O0BTrp21cMmFJ1As1MM751LaeVg/D/K0Ar1+LWQsJKdpgveX2laVBlUM3GuquBXh7fITJ0+wGSnx+1Y5wPI8jL7SqF1YNF9WDMc+DwlhsZBlSaglA04yhRAsCQM+ujNDJg47+EoWhkF+Lr5Zg8PKR~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:34 GMT; Max-Age=31536000; Secure
bm_sz=80ECFBD09007F608BC47D737E9DF3883~YAAQ4KDVF0EEAHmIAQAAOoSggxM6BEdhHSVSLml2zYjESWD9xcX+zWv0H87Di3goHZ6gONs9GZBtCjieMyUMbPZG3b3V030Wy9PuV/evSx1ARcy8lA2loDF00StKz2a1QUPreQUWuMKv6AzsoUIU9IRQXeUsQ7OmcfRVbm7VUwU4gN3E0eQeILfhVYNHjC8h+7aFs4Gjqa92FRf/D9ezGdqVz6uwx++bG7JxFTonclacr6HYBFsRHUVc+JNMTUnpKtjMWMF3vRaOoI9H7TgYynnPvCLx03gStWyJmkLL5+a/FxoezLZ6~3289157~3621190; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:34 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcefa_kf175_11820-51932
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 0a541dfa77a2a34dd5ec154bba0a2699
508f205c1654355f8cda6f0bdc377dd3ea316fc3
0d4a18788bf21d244fb27437a787f89d41e237d6d9e096981e2551c620046fb9
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6Ic%22%2C%22c%22%3A%22M3Rybms1dFlNdUlhYnlQcA%3D%3DTHFBbCw570jVFxCd0RC_wyKFpo-yjqilv0lZnSDgmjzCKeEho8NVJe_BekLYCE3FGtR4kqoeFB_o5lJSGPtCO7iNY3Z4EtBNqKg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AfrOe2QAAAAAh7GRzMemm83i4YPHr7x5%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0; _gcl_au=1.1.1387682932.1685835512; ISD_WCM_COOKIE=!XToceutKyG5GpIkMntjHYqEj2JIOPG9ZGBcCOe93beqGCrl8Wi6ttBGAJL/9hZRvzMJE6v+5F0ZULTg=; _ga=GA1.2.487671488.1685835513; _gid=GA1.2.939517240.1685835513; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiNmM1WmFTemwwXC96Nm9KcWFaYzZkdXc9PSIsImUiOiJmXC9Jc2wwck5zZ2M2UVo4MXVuaGhJMGpcL2dyRFhPQnJDNzR1UTVtRklPc2g3XC9aY1IrUTQxRmxhQXJlWFwveElKXC9pSlp2T0Q2a1ZxMlFMS2tvdHZ1dWJQSDErdXZrNmxDanY1MWVsVFRHR1wvVHoxUGdHWnJkMnowclVcL0kzRW9uWVZJQWl3YURES1VUTldnWVJ5MFRsQnNnPT0ifQ%3D%3D.edbad6a0ecb4f79d.OWZjYjY0ZDU4MGViMjVkNDc3YTRmMjc0YTU0NjlkYmQzYjdhZTJkMDM3NDg5YmM1OWVjYjc0OTMzMGY4YjJhMA%3D%3D; ADRUM_BTa=R:27|g:b5586369-4337-49c0-9de0-644e18e7643e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:59; ndsid=ndsabtilr16n5hligmxrbj; _imp_di_pc_=AfrOe2QAAAAAh7GRzMemm83i4YPHr7x5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:35 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tuWmizTneedNrJg5vYGCudtYiqmkNKShTqRVgO3eQjdZQ0cGVRTC2Jrkt+oRSeYn; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:35 GMT;Httponly; Secure
_abck=5BCAC57F5570EA75D6D7CA6C8C51CB00~-1~YAAQjtAXAltESIGIAQAAgYeggwoVueX4xY/i1zvBwhLowwnXA03IrYDhV6QC2KRF5QKJIRqtnl7LzruDd1RFfWjSeRmp/ctSs30E8kyp8tnpTJsWTlcfPNPXgVtMuI3APdd5R79O6suIG+8Ylrja9HpkFesSuhgLLMyvCZ6VyR+v3Rb6SHlh5VglCM6XZ5WE4zty+kwhHQe3RGN7mrnH5/ltIen/Jd3K5Z7+/gcBVKNzcJcCTkubE6PJmt/68Bli1dzRgIHZ0pURvT2vpn1bxAcu6Z8x6ep2zEexHVFGu2vWeQehJd6HGr28P76gBpdCUykUfXLpwIEYKwlvX6wBbuYeEnVQCBdm7yn9nYSTYo0Dm6VyTsKK2cCo+kdgOLSy~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:35 GMT; Max-Age=31536000; Secure
bm_sz=A832CFC3592A1F998BEBED91F6278CD9~YAAQjtAXAlxESIGIAQAAgYeggxN56jNcDXVEy2aknZUR8IgzkXBlqKXzKhTATOXcoIuAs/4kH9dl7GEStTQsqcLfW/AkfupYFF/j8aNPsBw+wLsEW6uiHdf/A+xbNdItCX4TAOuKP7t06GgKiHhIng3raaKSpIQ7YnWCf357tb+kXNQQFNC+MC4tK+j5vT1lPGwkmcztA73ttolkKXoGEB89u6pjJZ9BoS0Zz4HKjriBdkglaqdV85XYZjNoL12jH5jUhC2l9o66OHIhTJBwoYU2MGPOoKRHX8vVG0zXx1rP1r+KBme+~3552582~4273731; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:35 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcefb_kf175_11820-51942
www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--1t49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--1t49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!QR/3/FWHoXJ9mMUv/BdPMOHVwv+ySU5+e9826uJsskZOJ4m5ILDagP27jKUIdyzg4JJxMtbPu+zMGqw=; utag_main=v_id:018883a0757f0014c46a0728da4005046003700900918$_sn:1$_se:2$_ss:0$_st:1685837311924$ses_id:1685835511169%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQ0FKfNjsjTF8CmqyVGUjL4qNdi8rE6EoBMm%2FB2lhpM%3D%22%2C%22_s%22%3A%22RhtoS6IckyrPfCOmriQFmX7%2B%22%2C%22c%22%3A%22M3Rybms1dFlNdUlhYnlQcA%3D%3DTHFBbCw570jVFxCd0RC_wyKFpo-yjqilv0lZnSDgmjzCKeEho8NVJe_BekLYCE3FGtR4kqoeFB_o5lJSGPtCO7iNY3Z4EtBNqKg%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22AfrOe2QAAAAAh7GRzMemm83i4YPHr7x5%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Z_P9BXl3-fhv9XoX_pn0bA%3D%3DbVs_fXEpWbD5Mlqb6jb0PKlqoKSupdpHZ3mAfE9yhJebjfit_4wFQz_bNQgi1nd3TFx1Pl7NjqckA7IfWeDDF-jWEO6G3ZRgxHXBTjRIl4aMPhrY85qN1pHkifufTi8XcVq3HDR9LJZYg-XL1Hl7fv2RcTe1szzbK_6JznKVk2F6rzlpELt4aJXO%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAvmT6hyg0H4G%2FEE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C88259384967629587660968126922561014106%7CMCOPTOUT-1685842711s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0; _gcl_au=1.1.1387682932.1685835512; ISD_WCM_COOKIE=!XToceutKyG5GpIkMntjHYqEj2JIOPG9ZGBcCOe93beqGCrl8Wi6ttBGAJL/9hZRvzMJE6v+5F0ZULTg=; _ga=GA1.2.487671488.1685835513; _gid=GA1.2.939517240.1685835513; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiNmM1WmFTemwwXC96Nm9KcWFaYzZkdXc9PSIsImUiOiJmXC9Jc2wwck5zZ2M2UVo4MXVuaGhJMGpcL2dyRFhPQnJDNzR1UTVtRklPc2g3XC9aY1IrUTQxRmxhQXJlWFwveElKXC9pSlp2T0Q2a1ZxMlFMS2tvdHZ1dWJQSDErdXZrNmxDanY1MWVsVFRHR1wvVHoxUGdHWnJkMnowclVcL0kzRW9uWVZJQWl3YURES1VUTldnWVJ5MFRsQnNnPT0ifQ%3D%3D.edbad6a0ecb4f79d.OWZjYjY0ZDU4MGViMjVkNDc3YTRmMjc0YTU0NjlkYmQzYjdhZTJkMDM3NDg5YmM1OWVjYjc0OTMzMGY4YjJhMA%3D%3D; ADRUM_BTa=R:27|g:b5586369-4337-49c0-9de0-644e18e7643e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:59; ndsid=ndsabtilr16n5hligmxrbj; _imp_di_pc_=AfrOe2QAAAAAh7GRzMemm83i4YPHr7x5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:38:42 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4IsoPJc14ikzQbXhv1poDgDNI7KatJ1%2fmRGPR+Rt94+LbXboELSoEAG6IZaxOWQg; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:42 GMT;Httponly; Secure
_abck=B1064EBFB8F4B40DDFB1E9F2AB1D096F~-1~YAAQjtAXAiZFSIGIAQAAG6KggwpH8O8MeZEoTp3Dh0ts4Tx3tYbZH9nu+ZjsXPYlmaKvasaZT7+4W4KYdQ+wTadMOPBN1UGjMicUKfoYRa/iCRs8mcYwUjoobrbz31MHvm5TAEKT7Urg/wn56dk2ClMfpjHDDdjidHnObmwIKqjkklm79cVd0W7p8Qzs8Z/U1dMwpgPIB587JCUSm4DRnUhzNbcHQv0INSZ1+Zvy638EHPPgbWh1Xu1ynlgvTz5cOK8iG/Klgy0377uOado5Fld8yRAvPr0/nah7vBpDnwJ2Fm877+vzXBOYsGKTryd7Y5VSmkw/AVE+mxQhbcF5/W+w4Tr39/XyyVaYWy29gwfOPZ3Iu8/UkKfyoJrR9kS1~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:38:42 GMT; Max-Age=31536000; Secure
bm_sz=7F3383CB1F109EEA0FF0741D536F5458~YAAQjtAXAidFSIGIAQAAG6KggxOod4WmBwqW09d/NXrB6IJfaMXJ19ojahskXjQP1oKysrZOp1shehr2xSPfWts+RfFsgVFJpC23tv3VJNu6WvlNfXw/rytVWyn1NL0az13gLPIPcbXXhpOT6Ysw4DfzdUD19ZAAJ/dS0ktBMxX8CmTTIRo/yHFCGC8QGIGkYB3KqNdOguJHRtuQTn6VBSFENnHXhjGtfWf4I3HH3ShpRVhByiOTGOuU+yG5SdeRCV8R4enl87v+/t6rfqDcHkIffE02Sr5JcsrJfjlPWvk9VOHVioH2~3289397~3485765; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:38:42 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bcf02_kf175_11820-52046
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=2&cfg=32a3f9ce&pv=2&aid=
23.36.79.9 164 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=2&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash e6222ab0e585446c573fde286a3fa5e0
a7fbbafd75aafb035366dcd3b38eaec2f48fb68a
c01493b8dc1ffd038fecbf9d10029c40930391ee6d7a3b5d362f832bd7ff714a
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34429
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:38:43 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!IxEiofwOain99BN54TfMmyz5FQ342YbDECx61Q0fvfOWIm4etJa6e+aO6bomZEYjluRkwyc9xvG7Jd4=; path=/; Httponly; Secure
DCID=ozg4+Ly9KQ3YAdYM1ypg0bRDJHxLacXu4qfW7MbqeNU%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:43 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.9200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash e6222ab0e585446c573fde286a3fa5e0
a7fbbafd75aafb035366dcd3b38eaec2f48fb68a
c01493b8dc1ffd038fecbf9d10029c40930391ee6d7a3b5d362f832bd7ff714a
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0&_cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd&pid=cff686c5-05b4-4b12-8ce8-76990f0c150f&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50643
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=8956e829-a166-4ba1-b337-93b1a1a673fd; _cls_s=003e7ab9-e056-4477-a46a-8f95c193a62a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:38:44 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!pJaw5X/VqUaflq154TfMmyz5FQ342YqKveyAccc6+MdXSvrOg/AdCE12/TC5orCvk5myByJ9pEDq0hs=; path=/; Httponly; Secure
DCID=EWiXQ2KIsQb97OLO3S4hEFhkuC4eRfM5pz1SsoEAEH4%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:44 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
23.36.79.24200 OK 692 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 692 kB (691795 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=VucXeiOk8T8RE%2fOHLv3l11mjhafvQNo0BFKon0pwdz9DYq%2fdStn%2fWycpXGs%2fNSkD; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.240.142.64200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.240.142.64:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12076
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:38:34 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:68422e3c-687a-45e3-b3d8-c8076ea8c66c; Path=/; Expires=Sat, 03-Jun-2023 23:39:04 GMT; Max-Age=30
ADRUM_BTa=R:55|g:68422e3c-687a-45e3-b3d8-c8076ea8c66c|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 03-Jun-2023 23:39:04 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 03-Jun-2023 23:39:04 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 03-Jun-2023 23:39:04 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:8; Path=/; Expires=Sat, 03-Jun-2023 23:39:04 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
44.240.142.64200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 44.240.142.64:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:38:33 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.240.142.64200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.240.142.64:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 1535
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:38:40 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:bf5be544-bbb7-4644-b79e-521cc8416606; Path=/; Expires=Sat, 03-Jun-2023 23:39:10 GMT; Max-Age=30
ADRUM_BTa=R:55|g:bf5be544-bbb7-4644-b79e-521cc8416606|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 03-Jun-2023 23:39:10 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 03-Jun-2023 23:39:10 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 03-Jun-2023 23:39:10 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:12; Path=/; Expires=Sat, 03-Jun-2023 23:39:10 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
23.36.79.24200 OK 605 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 605 kB (604578 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:38:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=lkagv9ILvkNsxiyXLlt75hXDyvcZ6Kji0y9hju7U5P4HJ27AH3GhR+XUA3+U3cz8; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:53:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
44.240.142.64200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 44.240.142.64:443
Requested by https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--1t49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:38:33 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2