ocsp.dcocsp.cn/
47.246.44.229 471 B IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9c388f256787fe671b209b4549c25609
bce708db1ad56ad352ef1c726fbdc4164741f7e0
eb1329b189207ae0f74aa1fa2710665c98b0c0245a3156046eeb39db51bda913
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Jun 2023 22:57:29 GMT
Ali-Swift-Global-Savetime: 1685833049
Via: cache21.l2de2[0,0,200-0,H], cache21.l2de2[1,0], cache5.se1[22,22,200-0,M], cache5.se1[24,0]
Age: 260
X-Cache: MISS TCP_REFRESH_MISS dirn:4:395911319
X-Swift-SaveTime: Sat, 03 Jun 2023 23:01:49 GMT
X-Swift-CacheTime: 3340
Timing-Allow-Origin: *
EagleId: 2ff62c9916858333090391734e
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash dc4f8f98c515691a7bbaead3aa1f58c4
0f0f1ff62ddb1600fd255673181ae6fa79eaadc4
1acf51c5432dd2da369077ce1f71b12ab52bd4f008ff3e307c5f11e2ba2e94f8
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:49 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18837
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-dc9cfcd1-e210-4da1-a034-a769e6f36b31' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18774 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d; Expires=Sat, 03 Jun 2023 23:02:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sat, 03 Jun 2023 23:02:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:84; Expires=Sat, 03 Jun 2023 23:02:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031601491165304144; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:01:49 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; path=/; Httponly; Secure
DCID=I1434hZdoegGe3ZFYBir2BYRVwDs4tv+kHKa5iiqCwxqS4jdDfO2aLdBIfYCGk9S; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:49 GMT;Httponly; Secure
_abck=A017F347ED8639FBAC53B20529D79718~-1~YAAQ4KDVF7SJ/3iIAQAAE91+gwkYnqpbgmjozkGMBZFJ42AusUmmYxXpEqdEZ9wVlwM95P8YCwR3N7t026f7V/ch/KqnHor39IvPZUXyq1RfsquveGmqou/5UVoJKLjryXoOQUvx2KXA90RxOv4KEXxnH1SlNNmGr78j19RW6sqf3ehRLiZ6U7GfXePA+0T2ZNR5jMaSBVbsyHS0c+zZTXOfzAs0gDj8CbqsY+j0OawQmcHObwbEpJQN7aJTUv1AY+VFPxXa1t7EDNWnWOu4mMPh+wAPRGVJM6ICUD242xTU4YmGxOfLB/7jLBENIoVUOxZBSTkinc+KsJj8g8epH/fRXIzCGnMXgd/9x5yg42LafcwrKw9W3hp8A20gFYe2~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:49 GMT; Max-Age=31536000; Secure
bm_sz=0FEE357B7396A40054513B815A392A58~YAAQ4KDVF7WJ/3iIAQAAE91+gxM894otRF87tJ12S6IvpoKrvIqZhE9JzVwSzMuW+WGUTd8wOpcFG230VCFktp+0wO9/F17pcBYJiMcmVEPC4myYJmLIil9EAJ3aZbEiTGtvzxlflTNLgN1YzD+E9yuUSaEVDqpsQdGcIELwmxV09e/CLLGG+gq060PhOtvSivKdvdkzNJ6PSkURGg5vs0ZWHzIdfxUkM/6B96aXWAzUBUCFUJu8ahKQKY/Q4t/YPfVEktK4I3P98SAUjAov11UvVN18Dp2g0AXM0ZJ0U0PoR1cCTGdJ~3420484~4473411; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:49 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65d_kf173_12434-48109
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 03 Jun 2023 23:01:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tCOBJO4wgSnuhx6WlOACOw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sat, 03 Jun 2023 23:01:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=7kId2+jYYnb5tlLLhUWOYQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=1045566
expires: Fri, 16 Jun 2023 01:27:55 GMT
date: Sat, 03 Jun 2023 23:01:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=1045755
expires: Fri, 16 Jun 2023 01:31:04 GMT
date: Sat, 03 Jun 2023 23:01:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=1045595
expires: Fri, 16 Jun 2023 01:28:24 GMT
date: Sat, 03 Jun 2023 23:01:49 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Sat, 03 Jun 2023 23:31:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65d_kf173_12422-12929
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:49 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Sat, 03 Jun 2023 23:31:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65d_kf173_12446-52801
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 77 kB URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 3b2227177307401f0ad66f16a01dfd5e
098aee523bc90b9abd2658dc3cad2b8d984c148c
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:49 GMT
Content-Type: application/javascript
Content-Length: 76583
Connection: keep-alive
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=0AQ0anLwoJ7SJMEL30Mr3A%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=04F4799C3C074DA8F3BD1FF2404FBBA8~-1~YAAQ2qDVF+JL3TmIAQAAGt9+gwnT4ffLtPiSm/MFUjKoCFi91bwTs05IXtdomm8ZPK+I9ubHefkbCAeK7rQt1YBQdPk0CTF8/xFpQiE5kkF8EGxgvYJ3MoTzS8kof/EanUlbqEgkVX89JC7MHBHNWOyuJlOXY351c7Wvg6lD9f/J945LRk1+ONFyvJb1xBtpNgaIatTn1PefLGfzRwRMaMf5228aT+VrydDNU/ou0K4NdRaOKwCd2Fkp1P2JLRA4FaobNi7APyX/jUXnmv7MegYbRCssXQA7a0Cj7ClRaR3Ba7CkMPAZUPRKQu110CZSTwYkGxD0AodeV2jUtKS4wZCuerPByRPpPyNRigjk5QgC55I2Jd363yRDzqKg/QiH~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:49 GMT; Max-Age=31536000; Secure
bm_sz=A8F4DFF4FE0F97DA2E8A66DA0B3A954F~YAAQ2qDVF+NL3TmIAQAAGt9+gxM1AQ8ET0U0BYovdpX7hCb1S40Chw8K5ZqXfRei5T2c676Mhboc1qeHAhkepk3vuVBi0Nk4Ic/rFUh/LK6FYhnNW8BfJbWo1kfNHAq5zccBkYxJ9Re2LnRQDcDGvJnkcXEiGcUnCAJU6m8DdzSgsUHpKgAY08t+k1terrPFFx4yDfr0R6bgZFA02sV+f/yrMa5NrAB4GImvViW0yTeomVsxWnrJ4Nsb/BVC1WOrZKSDQENi5iAFRoL9yXfsbJTAN1e3r/WY/ri7elnG1fx6E2m7ZMd4~3420484~4473411; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:49 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65d_kf173_12358-60258
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 7b538b3fad91a321bf5088a9b8edb2e7
0e19023b806ccf7a710db4d5d51c9304b0ffeb4d
05969136fdfae3ae2a7a206e1c3ad50134acb73f9d4fc57621a40b9ce8b89fb4
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:50 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4286
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:01:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=AyXffoOIAQAAd6kEz_cAzqcOf3XywrFvyOFoBPIE0So5s3iRjr4dN4cZZglpAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|356cd581b76b3466b50f6e93314fcee4698cbafc; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=kjUevvRzoBIAINHBQvjgbLAsLhuIskgjQ+ZyJ4qrS1TiL8Bnif6SUKKx3VtYWqlH; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65d_kf173_12434-48118
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:50 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sat, 03 Jun 2023 23:31:50 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65d_kf173_12434-48120
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=6327363
expires: Wed, 16 Aug 2023 04:37:53 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13865114
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13865114
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13711941
expires: Thu, 09 Nov 2023 15:54:11 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13865081
expires: Sat, 11 Nov 2023 10:26:31 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2043
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:01:50 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nF9OmWFJghtBJbibYjNSpA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=nF9OmWFJghtBJbibYjNSpA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=FCC7CC23DF6D21EE9668D5708F210477~-1~YAAQ2qDVF+RL3TmIAQAAsOF+gwmPahHrqV1kiY87Ptkuojzim7+YL8eikTGkBpsyDBN1sxlEKRCkYHXfhvHdiCQc+Lig79PmzhO6FI03+Slir3zEESNfiSMSkBb5xbmDAubiiH8ltR6WliAOwEpt+2tvWIpB6ntH9b69ewX4oL64yS2a5/ZBpnADjyggaYpGvWSFju42+QMVcJAv7tqIO2VGcS34Venk0fq5udrtsoSPUB2pybF6Uy5kVbaZk32CLjLXfDEKaVNmnvODlnOoTwBuCD6kU3EQSwjvScLlutKqTHzdLe55PpT2OaNY+2SkcRkN8ZjWMcXPF0o1mfkWV0aSUFgyDDuffTmZxwHB6tW+MKE6NNP72l90aavISBr5~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:50 GMT; Max-Age=31536000; Secure
bm_sz=CEB287E9B112C359FF76BA12C0893982~YAAQ2qDVF+VL3TmIAQAAsOF+gxMyAxj8V7kg8ShHUsy4KHLJ/Pex8vNVPEowjL+BnG6DvFZKElCPvtQOzWTeFPRWE+NDu4JtrS8kcWEOdFGrna+6wyvJNq4FCzhlwF10m8WuNaBWpjAvn1scHGX5ui0wtm7DXLj2KiSeKHFFbAF9s8bhjmx3BRq+tyFOZJqe6BEbHyJsoFUNe/QtPGoCWHRfr18W72Us1RNCkp1HVLNyjvfL90gfO8ar/NvKC/g8BGa7oFuYFEU2sC6Y5nEGq7CKOCtpkxmZOTCzhSuOzG2pb+KNc1Ii~3289157~4469572; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:50 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65e_kf173_12434-48130
c1.wfinterface.com/tracking/hp/utag.js
95.101.10.106200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sat, 03 Jun 2023 23:01:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6kRBH3s6ZqvjdnQ6CPv2Hw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10677), with no line terminators
Hash ba162311ebf4ed35e0c295a1c835e420
7ef2ad9f256c3834b334a70eff14cd7fc66bdb44
07d4bdbabc3856f7560aae8ce4b08ceecda33e2ec11ea254d362920902c20b91
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:50 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2095
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-6d0958eb-1083-4796-b800-44b357744679' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:84; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943; Expires=Sat, 03 Jun 2023 23:02:20 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:20 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:20 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sat, 03 Jun 2023 23:02:20 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:152; Expires=Sat, 03 Jun 2023 23:02:20 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031601501191145921; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:01:50 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=1D84FAF2478CDBCB8CA94C6FBAFF2B2D; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=mcScT205OnpDoDxa9juVjfH4TXuBNdqoYqUJJmPBpT4Xiorwflv1yE+%2flPbclME7; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:50 GMT;Httponly; Secure
_abck=69A460DFE13168CBA59D70723CF1CF97~-1~YAAQ2qDVF+ZL3TmIAQAAH+J+gwkxKgBeNmGQeYc82xWsoB3yRTm7e3wgeP/9WIGktzeDNb93sqIbBeklzq9fPr6SBgit0k0tcmYGtwPLgUhRc4auOPiO8ego4FcNm1+5BNOIrYS5n0kgVxKZbfzuJQTH6wQv2CcUMFCoZd3Naq2xE9eUYN6hf/nzSRaOSU8VJ7dxEUVfYN/j2Z9Cn+jOUPkHmqvJqxNfjxGwcTJwAsa7srWPYXMMe8iXlhdFnAhFAQTVJNc4FPHULPFD4cyUFh+sGqcbCoT4oX0u1wD8d4b9mc1bBg9DJgzRZJgusysnZUTxL5NJ6m6hGvcEVyu0GEfaOXrmz1G2/k72N5ksfaDvOP1kXX6OXNZr4T+/NN/w~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:50 GMT; Max-Age=31536000; Secure
bm_sz=DDE004D6286D7BDFE967213A43756B6C~YAAQ2qDVF+dL3TmIAQAAH+J+gxMufKAF7OCWZHX8wDNy4JtJsRSm39Dw1cWaM2/H8iO/ioiSMbGPB/TozeKurJ7qRfjlc1/Sg7r2fkfviQ+Cj7PLTk0eEE+jY3IBrsp5Ir0lo9PzVGrLylQID5EHfjdepEXC2rrvcgaEJseTrWWRuyRdOr4ElmHfn2lWH/n9UIHwOfgCBLf+smPEVFLRpfMPHwY/WkCEh/NFkccvLSIrzQRrsIwSgoJamiiUGUBlFSmx1jYwr1xoKSrLuRYQUW8+7JjI4UO35NhXAmhYDnljFBGjjAUj~3289157~4469572; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:50 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65e_kf173_12446-52811
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIAxfYOIAQAAGjQ8MqYE2hYjGvRkf1BKxSKmFeifQ05g9AGzVGxX53iZ64Aj&X-G2Q3kxs3--z=q
163.171.132.220200 OK 150 kB URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIAxfYOIAQAAGjQ8MqYE2hYjGvRkf1BKxSKmFeifQ05g9AGzVGxX53iZ64Aj&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150089 bytes)
Hash 9134c54e7c4ea1cb693cca904154edc6
55c4d203157b6103d63aad727988c1f874a077fd
84b7f3709bc8b6bb9a2ccb3aebdfa323b385a93c6ca9725f3e38219286b5aea5
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AIAxfYOIAQAAGjQ8MqYE2hYjGvRkf1BKxSKmFeifQ05g9AGzVGxX53iZ64Aj&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:50 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:01:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A1rgfoOIAQAAFG3ZHXs4YLcrMMzcnRGSQ6V84FCZWUpJRvzL_hJfI3DUiZEoAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|69c3737d27cec80fb0ea1859b39cb94f2a9fc50b; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=OwIT1sbG%2fcDEJNkSZ%2frksFzDPqy0dNUEW7Zah67wQLT7f8tEtEMh+sVuQrdjTlw9; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:50 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65e_kf173_12358-60266
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
104.110.27.78200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=1045605
expires: Fri, 16 Jun 2023 01:28:35 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:5c0f27b2-65ce-465e-a283-da6480e2b77d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:84; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:50 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:01:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=R%2ff4UCtm05Kokt0cjOaO8oDZtaUqUu4VbKBdMf%2fA7WqB4ZxDe9dTS+VsqvEXOXPc; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:50 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65e_kf173_12422-12933
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
104.110.27.78200 OK 16 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 093dc61fd7b0036526bf39ae69597887
a27c677f83b0554434422c99b5519ace95ddb23a
f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4a-ce5a"
last-modified: Thu, 20 Apr 2023 01:31:11 GMT
server: Akamai Image Manager
content-length: 15941
content-type: image/avif
cache-control: private, no-transform, max-age=1045671
expires: Fri, 16 Jun 2023 01:29:41 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=1045658
expires: Fri, 16 Jun 2023 01:29:28 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1045734
expires: Fri, 16 Jun 2023 01:30:44 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
104.110.27.78200 OK 24 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87b3f9d652a18e74ea8ef53a99b251d6
8773c9b3a11fb9247039d731888724ccfb74bb5d
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c49-e902"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 23508
content-type: image/avif
cache-control: private, no-transform, max-age=1045678
expires: Fri, 16 Jun 2023 01:29:48 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
104.110.27.78200 OK 27 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 45a212ca9acc61f0bb2570fad9b1ef6d
0766da6abe3d736412ceba81a699a55110feb6b5
99dade4264e8d662c215bf128f8911bf7e53123d661d9783c0a4260970fd51fb
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505838-e489"
last-modified: Thu, 20 Apr 2023 01:30:25 GMT
server: Akamai Image Manager
content-length: 26587
content-type: image/avif
cache-control: private, no-transform, max-age=1045633
expires: Fri, 16 Jun 2023 01:29:03 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=1004005
expires: Thu, 15 Jun 2023 13:55:15 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
104.110.27.78200 OK 2.0 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 54e10b9c13d7d34c19657767d4bab80c
e34a8ab8569f015fcc331eb9eea548cffb7466fd
3059d71b7591fed5674007cbfe04627a88397d42cc58f9a107becb0c269d825b
GET /assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6453c985-8adb"
last-modified: Wed, 17 May 2023 14:04:04 GMT
server: Akamai Image Manager
content-length: 1950
content-type: image/avif
cache-control: private, no-transform, max-age=1091070
expires: Fri, 16 Jun 2023 14:06:20 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=35236
expires: Sun, 04 Jun 2023 08:49:06 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=1045741
expires: Fri, 16 Jun 2023 01:30:51 GMT
date: Sat, 03 Jun 2023 23:01:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=1045754
expires: Fri, 16 Jun 2023 01:31:05 GMT
date: Sat, 03 Jun 2023 23:01:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=1045717
expires: Fri, 16 Jun 2023 01:30:28 GMT
date: Sat, 03 Jun 2023 23:01:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=1046006
expires: Fri, 16 Jun 2023 01:35:17 GMT
date: Sat, 03 Jun 2023 23:01:51 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2523
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:01:51 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=1SWgYAkZTv2bKqw1XDGJqA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=1SWgYAkZTv2bKqw1XDGJqA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=53883DF05A9F4CA26226D6045B492904~-1~YAAQ2qDVF+pL3TmIAQAAweR+gwmu2pLLrCt3Ly0sqHd1k8nqO99BEIIq6RkzgSm8GQPHUTQ+1eVmqQ6zfBJ6r6A44YQGkGp3fcDcKuvy4K8gTKT1S4m3zngyOXD66UoXZGk1+R35+whFM03DhFMoW+Fv4cRPMoKJ8L0bil1yKTGwjbyeMI700cJsfqr2KojFSfyzzJxzjOHMRgaoU3Jj2GLj934Mv3RZ/9PSnTF4Q9eUDWsh9LUeZ4KPJ2TH5L3wfZmU+JC7vPrR0qz8UCv3hk5qWwM2+xb7uC+nkIR35tAd/RO+KhuDP+9EJYjNxVI7hzp8ePHl2NpWCg3pamS8cbCo0JrmAwf/b9fHSeY7X0XzUIYYsZdDRMEW6MPOcKvJ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:51 GMT; Max-Age=31536000; Secure
bm_sz=D54704C672594EA7A47EEB2D7E87C396~YAAQ2qDVF+tL3TmIAQAAweR+gxOV9GMp2h/tY8QNgo9AIab2to4JypNZr+f/lAkde8OvtTbumiUXJOgYTHtbMREpP7b1kkenAtpR99vjazFK497/RkVMwCXaVJAy8GH0PZzwEDIJSZvKWdoKdytnZeKrJys6+FRHtUrHSezg52dHA0+zxahBfxBTKex+nStbg2OSoHSsOUs4HgyVfcpQrgU52JQAF9GvvePjRjgtDCBfdeRlybdt4L5mAfpecapuU03grh66PyYMs40Xu0zqI8g26Wd2j5LiCa3+QFrFg3c9ipMy4AzA~3356720~3227955; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:51 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc65f_kf173_12422-12940
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=1045692
expires: Fri, 16 Jun 2023 01:30:04 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=940544
expires: Wed, 14 Jun 2023 20:17:36 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1045700
expires: Fri, 16 Jun 2023 01:30:12 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1045564
expires: Fri, 16 Jun 2023 01:27:56 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=1045719
expires: Fri, 16 Jun 2023 01:30:31 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=1045608
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=1045938
expires: Fri, 16 Jun 2023 01:34:10 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=1045609
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Sat, 03 Jun 2023 23:01:52 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2486
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=g83pzYCLTWCIQPcN2W3T5g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=g83pzYCLTWCIQPcN2W3T5g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=CE3E39F5024C99B68593E4AAE0465CAD~-1~YAAQ2qDVF+9L3TmIAQAAuud+gwkW0+Jk6OwKadr3VZ9cpyJFgc6O2dxXbmsDPmepUoxxlJV10D3MjwHx4KJfh6wAfVa/TFy6nCfWxWy7BatM6Cicn4/uhesnc5/9xzFAbc2bWus7sH1uqioQVp47xmdaE2c+DQ0ryD7TFC9Z+fvlZiLW3OpZS8M16J21HO3n7lmY0eqoUA8rnNQw0XhpE37m3k2Mc8hYFrHrX1JnFqZxMvXL1iUXnkz8NGjTS6HKimOoPumwJSNeXX2WbudvcjlO8yCyAW9dqtJIwIFcyASbdfhAWrSxy4dL1JPuVsD3RtOc+37hKUC9FpHaaCJu/d83/plmLYgjgx3GOFBMypbWEE4p10gtqxuKJHaN9MPC~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Max-Age=31536000; Secure
bm_sz=A6C3274367980A209811FD42120FCF10~YAAQ2qDVF/BL3TmIAQAAuud+gxOou5mR2l87bCJX6fALXXj8PM3UZw/F0VXWsoQRboq+01oFZNA9I63w5FKcgAn5Av5mvyfPMLOROHJ/YRW+uwUBpQWSvkGNjaH1m6npq1CAmRIujvK80ZSAmtqNTYlmycc1C0a6iKDeOCjK3JRl7o4j2v/05kd0JX80KVoDISjkMg9WHcZI6OtuQWbTlvGN5jSZufIwmCy0nOAF2CjNlc6T3qgi1twDeT4A82hnqyMswH7w2vtz1nWA1ni9WyRI1Sp9Jl8rXzGjgL5hesPdssyxBPpl~3420482~3360066; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:52 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12422-12948
c1.wfinterface.com/tracking/gb/detector-dom.min.js
95.101.10.106200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sat, 03 Jun 2023 23:01:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xDKtW8K49Q5dqREAeShXBA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:01:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=HNfyiZsXYNsaGHkx43sNZQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311613&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311613&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311613&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=XgZRjFCs3fDb+O6mleceTayFjXXBI7xSG2pIuDWr56LJLB%2flfdalc0vCdGW2Ufbb; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12358-60312
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 03 Jun 2023 23:01:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qhyFabBSekdMub+KRMluxA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash dacb7d751850029243b3c567a522aa0e
6cb5adc1bf493e61f848a17322de9599fc51c644
36e2943dd7d4f47238db1eab5395d75cbded4ac572197d34b41151012e014805
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-b1fb3c5f-dd91-4572-b3bd-a4b832a29835' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:152; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:63ce331f-cd98-4ac1-83c4-f71ded77a3ee; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:63ce331f-cd98-4ac1-83c4-f71ded77a3ee|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:62; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=103D1BDAFB0763AC53E32038B81B2CDC; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031601521617586389; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:01:52 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!xOk7wQyrYgjVDS7z2xKqB3cO2dndHtaFFjyvRT+vIuuzq7viCjcw5M7XTKyKgE8wQo6IvHJR3NwN/RY=; path=/; Httponly; Secure
DCID=JS1j4zFPQLO7+zJYkCfui3pmXNc6kXalQq95jTWa1USikmvw3ZXy0LZ1Kir4MxPg; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
_abck=E900CCE612752D50ADA3BD16788A713C~-1~YAAQ2qDVF/FL3TmIAQAA4eh+gwkMdicPL+gYKDjkxoITskR3ZZzLvFrj2n+vyiLExGIdjCCHXFEpgR0XiSopqQutsmIwWUQ87zE69BcaEJ9rY3HDH248MlFObX18YL7l3T3vl2zilNrqVEwtV/wPckV4j9Ph+4dMQTXxdmMi8MMOq7l8t4sXCq31AfQhpH6nmlu+a4yEjg1p7uirNCMil62gOs2u0DEtf6fC6ts+q0XF3q+TF17T4m5JuEGdSEDYwYwdpRiVX8+o5Ugi2KPxgCXXX367rTZKL/PB9WSK4Hg6konzGdvkcMJEl/BvNVC08rkF67r3xx96ItPf5g/HuCiP5YkzR0uiIYH99moBLCs7Bfvzgsk44sKCv5/vGkV3~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Max-Age=31536000; Secure
bm_sz=F3A0C900E67A4593C0195D24D1C0D92F~YAAQ2qDVF/JL3TmIAQAA4eh+gxNGKBWqVX3x9gkJ4VYy8WaB8+FektIKMQ2RIbUlc2ZX8zS+MshBWMlSlcD5YlWyPjDmjyLXWD7lm1Uibh6S92hrYl9Y2G0YOWu0jEMc4IMoEQsN0AgF09HTqvdOxfGyax5Y15LA+rlkL71LHf2zn0wEfeQeZJnOwffe9niL6CnvQCQw6Oxkk56U3rhJOuJfE3NbXAhLC8hzV9KYRAQ+Fp2193ifHpFTETG++k5Nz+jlk6xsHQAtClPPfiJG2L7L8/KwTnErPpJqWMbbImxM+Q5lAMUv~3420482~3360066; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12434-48154
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 972 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2441), with no line terminators
Hash 19f3077a6fe5687a094beee92ce4ca0d
6ffe79fbbb9b07ad4182c33297cf1fbb2f6a43b5
cef56caf403cbbb8177261660cc5b078630ab6fcccd53a0aa42df22b0a056cc1
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 972
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-501e0612-266b-4488-bb4e-618ddfa5150d' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:152; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:facb5803-6551-493f-89e1-c19003354d6f; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:facb5803-6551-493f-89e1-c19003354d6f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:62; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=066E8E06F0572EDA772308D402EFD2F4; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031601521905202211; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:01:52 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!m+00hyOjbSHxvRAMntjHYqEj2JIOPHmkV9Hp0QKoCdnoGoSJO3Po6hOfAnSGXkvFHn4nmzYGQHDIpIU=; path=/; Httponly; Secure
DCID=Ym9FF8k1FUwrC+%2fPRxbheWZ5NnCZ%2fQAYgk%2fXYP%2fviXaFOCIfkMIvNI2GlZGZMtrE; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
_abck=8CBD5F6E85D834132E89775F58E8B3E0~-1~YAAQ4KDVF9iJ/3iIAQAAnOl+gwmFRMiC0I3eIPxF0+lMmA5O+oot0Py6vEXjH3C5D9NBwV4PVRONs+hnzUNKgOVIcqEgOmbn/yCslUSvMTgmRReSFd5fv4ZWcl0CRxRiH9+Z+PUgpeBJlAu9/Ud6JXG/EJvFJ/+V4Y8a2Mz4I1zb4ZuyyFLvq8WT1oXmCm1nepGe3b+i+Irc7M7QnEkC8mh/wPCSkmFaYr7RQ1dk97faBMlew0sYzX7oej5QYzGWfZfcFH7RcYqKFtmxXqPQkfL0o/zxIqIPqP2cebS0vtSXia7LqMN7wCLLNW7XkOHrIP5JJ+9IwUGfffroVqAWa0bLsueKaWTiLPSF0EwwzaIUKJr/Ij53YY96M2achhlx~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Max-Age=31536000; Secure
bm_sz=31303DC45F9C6A65643CBD7752097346~YAAQ4KDVF9mJ/3iIAQAAnOl+gxMsTMlUWj+nuixqpMhN2DzzrY3weybRdBF41c/w8TiEneBc8ecdjv51huUqICPE01MoLcpJQcinXrkShgZ1cAumIIzsW+JObPwmAGXAKMl4GDkBV359gHbi+4kHWgV3HS5tX3+O7fpX7x5VjMlZrPGtHShi1/f2aOauJjCH4h7pX7x06ff06XuciWoMqMN/RA67fptageSKJBeSoYcpWBx4MX/h/1I1bNOLGf7iClXbhpSuh/5bfMtKJozHGXSURTNbaQxCOOIRERs7sJOM/Z72U3ci~3420482~3360066; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12434-48153
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.34200 OK 151 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150797 bytes)
Hash 1c1e1b9136ec48220561f519d8a85448
a8d1e72046717d0b032ce82f1650782e1622499b
afdff0a553d45bb02c68f3331533189c038468ff0b0a9e830f3eed45c8d6403c
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:01:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A0_ofoOIAQAAtu2HLVwy5qh3qPFajbOqP3Ee4NIruAjX26AfWUIrw1Zhhq5qAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|971fb28aa1cbedad639f936e6937a87b4b99f883; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=dwa4BPrA%2f5zV1mthdHuQ+0Ia2d16WFSufnbvB1EYqbE%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 972 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2442), with no line terminators
Hash cc92adefdc5c363257aa4908f12d6694
e9b55c2440807d45b6a1b02e0948bce6d07f5c0e
e8b91a9fc5b53f526bf0387994185e2c67fbe3f1c39a4db61258cdc258c0f6d5
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 972
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-70a4c285-74d3-4d1e-8e02-ecff94c598cd' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:152; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e7f84d8c-18ce-49f3-9f0c-1283525f9ad3; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e7f84d8c-18ce-49f3-9f0c-1283525f9ad3|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:60; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=A6E86DD49E245F4B671E66032B08048B; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031601521350438727; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:01:52 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!o00O+C2XMoM3uLwMntjHYqEj2JIOPH8iez3IBHrcXtlQ2igFUuUV5DcLWVkc+CeiCK4cFQFBLXzI1Mk=; path=/; Httponly; Secure
DCID=FVcGpbm6lqsjRyZCJ4Gfsr2%2ff6%2frNeuVxHLmhblSzMIDTDhXylDT%2f9N0YELHosSd; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
_abck=A2E8E902BFCCD0288FC18897533AF49F~-1~YAAQ2qDVF/NL3TmIAQAA5+l+gwklR9dwqJ+TUW1M0ifo7aYCr5o4otVOtJViOKMLHF1c+FjsuleqHN5GDFvhc2TB05PmnKaDQ4McOJclxjJWdzsqBA5xPYBJ1RV0fpizNSoz2StuzSecC51/QLJlPHvqyPnV6xG5bx53X/bMDCMog+djKuseecbfJUatlW3EPfWCg6mak7ioLof4UF88LEPr1OYRl7DFJcSXU/qAQDwfFIU8Rkzg9I5Wof3swm0u+lQcMghaDgC7q2Xpx5GLd3xHnnri70Hy6rzCBbiTiYkJyXYgSQ/a9McxRgqqCIoCeK5C2x/wSVcVyLFlNWBqKi9Z3Q2TMuSqcOBnDd5O7V1o/TfQsHKhqPGbifAgZgZq~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Max-Age=31536000; Secure
bm_sz=3FAADEF6EC6A237999A0374A79DD2EA4~YAAQ2qDVF/RL3TmIAQAA5+l+gxOEF6lMPLH5FOA3043RmDZ15re5q/WFHuNuxjZewadfiz9fR8zfjDY3LGu4RmD9dA7htHfaVZhEaUgnV/rjMDD4gVcOmwFqva3W0Whh5C9LJBuf+8mDMR9uZMjwWS4h0nTJxiJhmsuI+3vDftnaWyVA2QngjNF102DR4h1MjjELs9dMu7VygNjQ5nYHtqlZDuAGxUy3rdnWsrTz/Ec4j0bFtsDk9ZNe4A2imh87Lmrs9qccRhMwi/2Qw9fDGj6DVbMF2+pumzxd6OqUCkJhsSc+EeDR~3420482~3360066; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12446-52841
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311688&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311688&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311688&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=8Y6wRt9BNh7TLiN2RgvNgTT2Vgcrq1JGCsuQRbMAUZEAxL3Y47b+vhCwU703fYy9; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12381-34031
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311706&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311706&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311706&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Ne7QQKFeDtEzJNksgXDnDVUqTgMcv+E09++MI%2f4aBwE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12358-60317
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2437), with no line terminators
Hash 1fe7a1f6742c0a9a02814e0bd82edf46
6516321abff2b236fc7065e2b36c996cf6e9f30c
9d304c547ae7b854c7b6e179c738e2a2c77be9af5e03417c0ae5c2c1381caa9a
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-dbb64e9d-6b26-41ae-92b6-110ec015d7ac' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:152; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9e617086-bf85-44a2-b6db-b6f1fadd0301; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9e617086-bf85-44a2-b6db-b6f1fadd0301|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:59; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=3A4AEB8BDCFC8BA12706EF01A4D9B873; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031601521839440320; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:01:52 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!H71VIYT+WLpuIqIMntjHYqEj2JIOPLggP4OCxtcEGkGMwbiq/ElfxHScasfmyhU9Y0E8s825sf569pM=; path=/; Httponly; Secure
DCID=5Tu7UpLKFqmbUnUwf4byhWCQ8wN7UugLu8sddVfJpEnj2sdKZcyxskT3sWSGjDBY; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
_abck=7D9D08040784F3AFFD879B915BC00DBB~-1~YAAQ4KDVF9qJ/3iIAQAAD+p+gwnmPX5ebDiJcCUZl9E2gyPFYzs5H0g9TJImn+1N5LcjpArdCbd3/DosROrTbpgwsF0yG+eeefCudAcY7XdaVuB3lvHt9FQCUoCkDToqRnZVuUXorFifCHKn3vxwdWLJK9qXP94kWfDCgrvmmoucuyLMRyu4BNFMAh4Y3lv/TtuLCte9bQB3iaxv39Chdc5lpR3CjYl8h6MvUnBWdExs1r7LekuylRWlwFRobq/VcgrNMPjMgChvYlmVSOayQYUFsQokTrk5CBXx+twchFcFzpjRIjzlqPj2//5i5aVW8yzSu4nsXYvPBDeFrutHyHlEoUZ7XLTkz1wPBwUMv3OjFz13+9Z7XhEZL/bMO32m~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Max-Age=31536000; Secure
bm_sz=6B55065309256E111F84CD0F2BF1F6F3~YAAQ4KDVF9uJ/3iIAQAAD+p+gxP6A9mJeay2CSPJfRpfxgIF0etGmn/cKmTsvYDTdIKz8yRhlHoHPq6EnES4w6GADEWgfZuWvJu7Eux93AW0WzfTTQWS/0HfHbOyOG7t3maBHYlhM3SUdKXk/M3ogi2bZnQRSetFPC4aBysnmGKQUAzSi2dhKzKU/NG4l3kCBbGf6eEOUj36/sE4OpLuQTZbgV3NoSoW4QJNZrtgzxWfsdU6G8zfuDJHLtyuztw0Y6g+c9NSQlwOoE8zbGgcl4i4E+oQen3rBRZDEzc/3cE315vnz7j6~3420482~3360066; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12422-12949
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/jsLog
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C18945883073400977105255697388790494676%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-3ecc5c35-e545-4ab4-9ab6-4045ecfb8fd1' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:152; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:90e74024-07de-45b9-ad3f-6c3066738239; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:90e74024-07de-45b9-ad3f-6c3066738239|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=EDCAB3454FF6A85B5242B2F48A90F36E; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603160152433339114; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:01:52 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:27; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:27|d:1; Expires=Sat, 03 Jun 2023 23:02:22 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!yhfMWEu8IGRF7fIMntjHYqEj2JIOPLqzTBBO0DD9ouRHMcQjl+4f0zXTEFCDmGnbj9KSI2A4Ej+bnQ4=; path=/; Httponly; Secure
DCID=aSYXvMwEJKuIO4O0tGcCsaEuOB0MEPUiwSPWiqQG+Tdq9EcTND00kP2Qixn0KzAg; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
_abck=3CDF77D48781665EDE8B0BCE5C1BF4B5~-1~YAAQ2qDVF/dL3TmIAQAAEup+gwnv10Yd+6FyMDj85E/0iCVHLSKCBEUfdvF+Du45C2AVw6c4IpraCR4KW5PRVnoCE1tRJiaAWywhFpsyEmRkVgChLbNGLy/SCqaTSO3kzlZIvhLIwUcr+zbeeXaAGPjejex62Iu4PePHqP2lKEcjD8pe2bUKMceAsJLv3YT45mYc+3cgeCVZaLjNyego8cwFoSTTrVOi8CwDfUzxf5LJz4qXDngPH8Gq3UgIVaXEDIhlz8v5uuJ5clhj2Y296EIzqTFVYM7i7T9ke+nHsKHDZA5NXJM1Ln/LhVXYUImKIiZg2aoiRTmy2rGesU1z/vjK1ss19dn+b3Rci/hDFukwhGVDbbHjudZ0m+Pjke0I~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:52 GMT; Max-Age=31536000; Secure
bm_sz=93AF8A35B3BFA7684EF8217D16BA2B99~YAAQ2qDVF/hL3TmIAQAAEup+gxN1ivYwLcPGaf7h0fSrgMyDueVn4GNSALjNCNv47lkZzTZ4eB6rxaQnxrGzGwrHEEEGuaEVB5jY0DJebCIbmknCNFyGjA8Y3kleqNLxayTzT7o+HrwXNQ2i5e96Ng6ac/sqZ7bi60vCfx+Gm4N1Q8TQsmhzCT2x3M3dqiByZUM+g4dbO9L37TDW4Wiqn5qCRXj3vUfgekrO93HnjSqZkAg2SXxz0QVWU5wKni8GROpY8APhW0Bb8EMtdL8AcfmMWa6p1pCqt2TariuSxe7tZhwjIQW0~3420482~3360066; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12434-48157
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.34200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sat, 03 Jun 2023 23:01:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=QlG%2fmSmpIkFVCxF1Y5yNxprSCFoZEgIwG8fmNXj32uH4KbWQdC5OwcGPd6rxtwM0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311712&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311712&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311712&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Gvmtr5eKUq+Ac5Z52ToaXU+%2fy28q1id0CCW9FognM6o%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12446-52850
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311709&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311709&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311709&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=3I36E4a5m%2fm%2frgwBIISIDpkoGiOyuAfp9h53JradbKk1milpbeGen8AdM9Yl0UBB; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12434-48159
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
23.36.79.34200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=5yw8bhS0jgWVitIQtz5qrQ%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
23.36.79.34200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=pU2XyHDoXeDeMg0yhHnoYw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311729&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311729&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311729&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=zkCBW6T+5wLxmsK0pbpPMzIwI94xam9tGQHjxm9u4vk%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12446-52853
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311733&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311733&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311733&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=dgT3y5okCczGVuhjufxS6DqlNaM+s2nKTq+VwFwIOR5jGBwnvdoApZB175yb1Wre; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12434-48162
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311715&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311715&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311715&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=TY%2fsA+ztornkKjH%2f5IeEe9dRPRu2mQFnqWCXflhqitJ0wDWwjvgpknJ%2f6KY59ial; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12381-34039
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311724&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311724&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311724&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=oOQ0vtco2h+EYPDhMNVTj3doFxKocE4LlxLb%2fsOyJU0gt1LD8aKh6f9kEv0XyXL5; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12422-12961
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311727&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311727&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311727&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Unny1jwETLQvu5HEH+CTiNA%2fDvLOl7sPOLrd1bOmYjA%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12434-48160
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.34200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=45VBY9gVjPHMPaWdI82iXIRZEQb7Ld4%2fMoxMdIze3h22XzpGXxqdSTElSRz0JNUh; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311721&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311721&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311721&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Co+QBciJl9rwbZUNzDT0qn0+EfTx06APVKp+DM9uTMA%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc660_kf173_12358-60320
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
23.36.79.34200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=JuQJD9SfANzPI2EUcnVvL+MFWwHVD1Sf8VRN3TqPWnF6wULaaGFiHYcKRVCDPzXe; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4GwK1HGn7lir4BvJdUXjLg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=chXgd82KEpNzOq9i7LZrdg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=8973MLtF+shztqhfsq6dWw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311741&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311741&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311741&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=lg2avX6wGX7QLJXeVkF2Mk6KARsoTwQvLNebjnK3jrg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc661_kf173_12434-48165
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311736&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311736&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F&cb=1685833311736&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:01:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ozqlQOY6OeKpc+ldqxMte0mDT55XJiuW6N7q6ZJ26uNksldfivxex4FAsXc3WsPz; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc661_kf173_12446-52857
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.34200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4ee5c9fadb963be628eeb7a0843b0031
48a41694cb4bcbf43553dcf6b93c19e874385ebf
7f3f04e4bc45e9fbd4a62c89808094f6e7429505cdcecaf8baf54dd888519f50
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37177
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Cp83G8Am9Dr4wMZ6V14thgn04FOjMoqQWX%2fpnHqoDTI%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 92be282828f548f66b865717d1afb0c2
872d4b571e215b3b8dd611bc6c21dfd7e8812661
35f052c5ef85627fca1ac9dae1bcaff1bd5190d70431b4a2e8440a759c663366
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------1956110203666679692570364450
Content-Length: 167
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:1$_ss:1$_st:1685835110299$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:abe7cb67-12ab-44c3-bad3-c0816d11f943|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:152; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:53 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=f4dHAO0IfOPruHXdAdd9g7QbmFCaW08o1vthmbLnuaJMBVh0FgCd0VnCaE+h7pRU; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
_abck=ED53B5391AC360B807EA0AA317FAE088~-1~YAAQ2qDVF/1L3TmIAQAAuux+gwl7TPfeue+bSjUe+9zAK3XV5sOrPMJrsIiArKqwTYfBs4xx3LOxtcFgoxVZuJeoiCvN6MPok1SgCvEpSb5nQ+V2fYwPiEhfe8cQpzFawZ0yxaVYCcyO2HD5lnNYTlbFpAVDvS2ID6csl1TCTAxMBNL93vyihcy7zwZMOAU5gxc5EwHkswHXYfsUAlw9jvr+Gs6Hd9kYZqNHk2nazOscBBTx+37D61syqgU11g0Rd8fNfWzphQqNb6NYLWxNHu2YYqjCc2YjXPXIt2dKey5/KzfvsdVfObBbJKUJ+3I6mQEdPgoEFdVWs5b3iYLDf3c0ijISmzt0UOZTCyKLcH/VJrAyiQekrp1jHGe3JlhR~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:53 GMT; Max-Age=31536000; Secure
bm_sz=344942DC99083342B285242388891DBD~YAAQ2qDVF/5L3TmIAQAAuux+gxM1uyNcbUA6jhwVG+jOThLRMN9y9HADLDG2fqJ6b1mYyoKT1cXr1Grwjehh3sIRt301X5rvN/ZyZz0RQdzk5lYJ4N85d5EfNaf/kTh6JWR+FPxC4ubvx4SV9tmA1LQxV7/Di/JJlbch6XPbwak3QiWBop8bgUZuqK2scx/+kWJDh0mk9e4CWjCU2PAIp/WUi5VCcvbIF1uBQEukMVjqTmKak/MaQMkhEs6Sf2OClW9xx0d+arfbyyl+Twn/01iwkd6rNvUbhnKkzmzbZSlrifowPkSP~4534325~3683127; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:53 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc661_kf173_12381-34045
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=wbKlgHJrjlRRaPsmmS6YwA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga.js
95.101.10.106200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=M1lyhMN1sd7h3yUXyrX2Vg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e%3A0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pv=2&f_cls_s=true
23.36.79.9200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e%3A0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 49645c543086e9ba8eaa25acfbc13ec7
5ee0b76646b73dd925fefbef9e1a9101ac151f16
6c7a6ef612a93ad580e778be82b0ab1f577368ea4375945039032f8e1c1ed2ef
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e%3A0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!wr4cScXxUtw2dvx54TfMmyz5FQ342abM9dNTbZk8Wf6hnZj31pvWqT5r23KBwRcRrGF4KjdA4l0esYA=; path=/; Httponly; Secure
DCID=KXm%2feQHUnKCc%2fVXwsntYM7LY4edCbKs5IngcyOxqjt0%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
95.101.10.106200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=e2NafEFcuUHuRVSmFt86Kw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ec.js
95.101.10.106200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=eeBgq%2f8Xo8kqiPaDOzWFjQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/jenny/nd
23.36.79.34200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash 7791f2ff84d154b46506d913f30ee929
9e18863d3b2ea86b34d1de79e1f236d77a8f4d69
c4c31fbf39703dc8526397be75fc9c4d4569b93889513790794f5794e272fea2
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17863
Date: Sat, 03 Jun 2023 23:01:54 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:8fbc3a60-b40f-4f18-99bc-2d0c05f2900b; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:8fbc3a60-b40f-4f18-99bc-2d0c05f2900b|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:4; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=HfaHxXXMRO4AOey0ttNGS0fskMWVfFhq+GcrsUaWGUY%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:54 GMT;Httponly; Secure
_abck=D331F4DA39258FD11372C33615C51B9A~-1~YAAQHk8kF11WR22IAQAApe9+gwmmQeYFzZkQrFC6+PIxe279Mx9R+g5QSu9rl5xVYbWd/f762uk0xA1AQapwtCjtVxiu2CzcobG6AXSH2hakXBLMuF+UToXvqEYpH6SRcBq1/QBNWVhVDtvsthE7hAld7u/uW38zEAXS1lR5hcRr/uGd3uxsjmlae3L0zxhhnGzkMqrZTF4U2MBe4SKKXKNfhTZ7wNuKsGIVRbctUnWFi4Ps/IKfIbRae6giCImsNfLsCKkZ8FWflWZLvVgKy3l2mLVzrq5S/nlayZrMp8CwjgWU1yFyDDgY+5aajn+BLSReZyEl3BP0/TqbERALT6avzBIRZd4Mb7Omsvv/Y1yY1F6EoboRCKIfvuU37skJ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:54 GMT; Max-Age=31536000; Secure
bm_sz=FC8EC6474D25E9EE056433D0422A3793~YAAQHk8kF15WR22IAQAApe9+gxO4cShGAfvOolzF4RRtQKWsXnSDmwmHKEAQKAn6HAt8yGUiWFtLo8TBJcw3BRp9GfvuvtgTeRJrqzxJ3WsGF56ZXqt4areQSgvLHguEXSNd90bjunGZRba4F9NKqTWEElpKXRSkMDe6cjCxlRXMpGZT30ESAN0k1WZkJahy3u2N5O9bKpzVL0SO+D/83FhGa0nZiiVinIHwp1zCyB2/Lwz+t081jDVqiIhGD/xUtGuEgFCd1DRrZgikOC2SzYJYnekIB/utWBm6PBwU9GH/xSrBTZqZ~3291458~4407861; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:53 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ort.wellsfargo.com/securereporting/reporting/v1/csp
23.36.79.25 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 3f7d472e-8c71-4a48-726b-c3c0b48add93
X-Xss-Protection: 1; mode=block
Date: Sat, 03 Jun 2023 23:01:54 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:243f0b9b-3389-4abe-a491-898d94ec9a8c; Max-Age=30; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:243f0b9b-3389-4abe-a491-898d94ec9a8c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2; Max-Age=30; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2|d:2; Max-Age=30; Expires=Sat, 03 Jun 2023 23:02:24 GMT; Path=/; Secure
DCID=q9ova2OiJt6Y9QzZgT28%2fjqUCoSbxIC+dZ%2ffTODTDzc%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:54 GMT;Httponly; Secure
_abck=42FDD9E583CF78768E74250D8FC798ED~-1~YAAQFU8kF6nw50aIAQAAue9+gwm92AjHYn8Ls2Xpu84TwUIYaJ4PjTxdbbrbtFvkKd2zA854PZD2qT13YpcBap7FqNhMAbeY6id3yButCS+5muW9nuZ479we6RntyTMAGLGP88gFc/92IFGKsbq8ydaIXwZDzb8WS2kIxWA2LDpxwWtS9ZxWQm1ECyKKKlV8DqGXPYLoSpXAvHPNFMiw9WhDVUSQ6lQhS82ZYRIUDhuiWYubwDg9lN73+x/rXY4bV5rFYbaGfiHflebb1W2HTRmDbai0yVESl9hLI33sD0cRzVk9Fee8kldhUVmITf6FpM+ueGuICPEvvWx5lcOHpMpnKaawhnOBeQpbAJjHyWpz2Dc1p8XLTkEHewqWeAeb~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:54 GMT; Max-Age=31536000; Secure
bm_sz=6B810CEA30BEC8B9ED644B75C223E746~YAAQFU8kF6rw50aIAQAAue9+gxMBRl953IsYTDhFqr+2qWImIRryDh15o+M45/tlPxzUrZ5VDfDW3Wi5KjKyREs5+uno6/891MWlhGltmDvDqJhOOeJ6ZMC5TJjJr8W+8YXEsaNi9W23PIjeE4NXY3BaNnpNy6O+dVUKa9G2nmVFY+UvDCKpelQM37QJDKJSgy81KKi/Bx60SkYnJ0jLWeXi0XvJkLAp2jbad/7OPCCbD8cXOpSJazSa9qG+7vjSexuVBLao/qa3bHbQxgri+v/oMJnh9CXWy8IYLjokc3qRR/DgjtVD~3686707~3750213; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:54 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5459226646863702
23.36.79.34200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5459226646863702
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash f4d7b23f1f0a6a60d76ba91463f51201
d05bfab128f7242441219ee92e9a01c065f1e974
db3f7a91bd99741ecd402f41b2c2a87f3d0b5690a900b824e9d94392558f6043
GET /PIDO/pic.js?r=0.5459226646863702 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52542
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:01:54 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=aLvaZzmDC3oFe0Zm0RhaSrNJBD38tdR8MI84WHZivqzxTqeHg+Zz0oLL53eG+q%2f1; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5373371283456642
23.36.79.34200 OK 137 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5373371283456642
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136646 bytes)
Hash d1e8aa58d78495c510dcc2e584111750
1abc3b07ebad07bffe679acdfbb93f7d1f403df1
b888317afbc0f86a2bbee0369eedfa62a6bbce640599bd1380ee9c05fe506689
GET /AIDO/mint.js?dt=login&r=0.5373371283456642 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136646
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:01:54 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=BOWjjVkYxZ3Tw029SrtGZxNvZS%2faykyh6TNYc0KcsW17ynE1To2u85e9jSfTFD4Y; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEB0L1I3YnhtejZKK05sblliOFR3R0N4MVNabWRVenlPNm1OV3oydkorVkFGOU9qU2EvRFlaVUI5TE1hb0FyaS9hd0Nabk5rUlBWeGhmdmh6NGtaQmZKVVhWdFZyeVptMlFMZmJpL0FRQzBFVC9FNUMzNFNxdXpESEcra3JWK0hEdmVVaUFIeFdxblZJTXRjVkJENHpYWWQ0bERCU3pDRkFDbVFQQkVJTVN6K2hQK1NQcUhKN1piSjZqU04zQi81VWduR0NVOW5WUThpWGs2bGFTaTNucjRMVTV4bzlOdzdQR3h6Wi9CZVZSYUdmK0NXWlBSV2VPZzdNSVJQK0RnWURDVUNOZ09jY1ZITlNML1daSTBpQWxINzRyZkJxb01iNGl3RDNwaUZrPXw3MzdhNmQ0ZmE3MWUxYjkxMTAxNmYyNDY4MDM5MTQ5ZWFiODhhZWNjMTA0YzNhMDZlNzYyMDNmYzUwYzQ0NDdiMGE5MDc1MGZhYzUyNmZiNmY0ZjZjNGY3OTRiZWQ2ZmI0MzA0YWQ2ZDM1MzEwNGM3MDRjOWI4Mzg1OTEyYjQ1NWZkOWQ0ZTQxZmIxMWI5M2MwZWJiNDg1NjRkYWNkOWIyZjE4MTFkMDViYjdiN2QwMzM1MDU1MWQyMWNhYWYzNmY0MzJhMmVlNzlmZjcyYTNmNTZjNjUyMGMzYWU2YWNjNGI1YWRiODgwZDQ3YmIwM2UwMzc2NTA1MDJiZDEyMDI5MmRhMmUwNjU2OGE5OWI4ZjY2MTg2OWIxYjM5NzUxNTI4M2ZjOTg0MGMzMDQ3MGNhMzRiM2ZjNzM5NDJlNTgxODNiMDM2ZmU1NDVmNWQ0MjIwZjcxYmExNWI1YjliYzAyMGI3MWJmZDg4OTE1ZTdkYzBkMTg2ZWMzYTMyNmVlYWRlZTQyYzM5MzZlZDBkODY1YTQ0MDk1MmFlNWU5NDgxMjU3MGZlNTc4MTliYTkzMzhhYWExMDA2MmIxN2M0Yjk2YzZlMjg0YWYwYWE5ODNiYTVjOGM2YTQ0ZjEzM2QwMzgzYThmZjZmOGMyNTFmOGNjNzNjYWM3NTYxNTZiYmIxMHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com&t=jsonp&c=cenzoktrpuwcllel&eu=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F
23.36.79.34200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEB0L1I3YnhtejZKK05sblliOFR3R0N4MVNabWRVenlPNm1OV3oydkorVkFGOU9qU2EvRFlaVUI5TE1hb0FyaS9hd0Nabk5rUlBWeGhmdmh6NGtaQmZKVVhWdFZyeVptMlFMZmJpL0FRQzBFVC9FNUMzNFNxdXpESEcra3JWK0hEdmVVaUFIeFdxblZJTXRjVkJENHpYWWQ0bERCU3pDRkFDbVFQQkVJTVN6K2hQK1NQcUhKN1piSjZqU04zQi81VWduR0NVOW5WUThpWGs2bGFTaTNucjRMVTV4bzlOdzdQR3h6Wi9CZVZSYUdmK0NXWlBSV2VPZzdNSVJQK0RnWURDVUNOZ09jY1ZITlNML1daSTBpQWxINzRyZkJxb01iNGl3RDNwaUZrPXw3MzdhNmQ0ZmE3MWUxYjkxMTAxNmYyNDY4MDM5MTQ5ZWFiODhhZWNjMTA0YzNhMDZlNzYyMDNmYzUwYzQ0NDdiMGE5MDc1MGZhYzUyNmZiNmY0ZjZjNGY3OTRiZWQ2ZmI0MzA0YWQ2ZDM1MzEwNGM3MDRjOWI4Mzg1OTEyYjQ1NWZkOWQ0ZTQxZmIxMWI5M2MwZWJiNDg1NjRkYWNkOWIyZjE4MTFkMDViYjdiN2QwMzM1MDU1MWQyMWNhYWYzNmY0MzJhMmVlNzlmZjcyYTNmNTZjNjUyMGMzYWU2YWNjNGI1YWRiODgwZDQ3YmIwM2UwMzc2NTA1MDJiZDEyMDI5MmRhMmUwNjU2OGE5OWI4ZjY2MTg2OWIxYjM5NzUxNTI4M2ZjOTg0MGMzMDQ3MGNhMzRiM2ZjNzM5NDJlNTgxODNiMDM2ZmU1NDVmNWQ0MjIwZjcxYmExNWI1YjliYzAyMGI3MWJmZDg4OTE1ZTdkYzBkMTg2ZWMzYTMyNmVlYWRlZTQyYzM5MzZlZDBkODY1YTQ0MDk1MmFlNWU5NDgxMjU3MGZlNTc4MTliYTkzMzhhYWExMDA2MmIxN2M0Yjk2YzZlMjg0YWYwYWE5ODNiYTVjOGM2YTQ0ZjEzM2QwMzgzYThmZjZmOGMyNTFmOGNjNzNjYWM3NTYxNTZiYmIxMHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com&t=jsonp&c=cenzoktrpuwcllel&eu=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 6dd91e1077f2e768e2aa8a0c86131a5e
ed4b62ba8e903849f65529697bcaf16e353bc9ed
f5aab4372ac96821a00c52718e6155232777fd42b73297311a3004c73059a59a
GET /AIDO/vyHb?d=ZW5jZEB0L1I3YnhtejZKK05sblliOFR3R0N4MVNabWRVenlPNm1OV3oydkorVkFGOU9qU2EvRFlaVUI5TE1hb0FyaS9hd0Nabk5rUlBWeGhmdmh6NGtaQmZKVVhWdFZyeVptMlFMZmJpL0FRQzBFVC9FNUMzNFNxdXpESEcra3JWK0hEdmVVaUFIeFdxblZJTXRjVkJENHpYWWQ0bERCU3pDRkFDbVFQQkVJTVN6K2hQK1NQcUhKN1piSjZqU04zQi81VWduR0NVOW5WUThpWGs2bGFTaTNucjRMVTV4bzlOdzdQR3h6Wi9CZVZSYUdmK0NXWlBSV2VPZzdNSVJQK0RnWURDVUNOZ09jY1ZITlNML1daSTBpQWxINzRyZkJxb01iNGl3RDNwaUZrPXw3MzdhNmQ0ZmE3MWUxYjkxMTAxNmYyNDY4MDM5MTQ5ZWFiODhhZWNjMTA0YzNhMDZlNzYyMDNmYzUwYzQ0NDdiMGE5MDc1MGZhYzUyNmZiNmY0ZjZjNGY3OTRiZWQ2ZmI0MzA0YWQ2ZDM1MzEwNGM3MDRjOWI4Mzg1OTEyYjQ1NWZkOWQ0ZTQxZmIxMWI5M2MwZWJiNDg1NjRkYWNkOWIyZjE4MTFkMDViYjdiN2QwMzM1MDU1MWQyMWNhYWYzNmY0MzJhMmVlNzlmZjcyYTNmNTZjNjUyMGMzYWU2YWNjNGI1YWRiODgwZDQ3YmIwM2UwMzc2NTA1MDJiZDEyMDI5MmRhMmUwNjU2OGE5OWI4ZjY2MTg2OWIxYjM5NzUxNTI4M2ZjOTg0MGMzMDQ3MGNhMzRiM2ZjNzM5NDJlNTgxODNiMDM2ZmU1NDVmNWQ0MjIwZjcxYmExNWI1YjliYzAyMGI3MWJmZDg4OTE1ZTdkYzBkMTg2ZWMzYTMyNmVlYWRlZTQyYzM5MzZlZDBkODY1YTQ0MDk1MmFlNWU5NDgxMjU3MGZlNTc4MTliYTkzMzhhYWExMDA2MmIxN2M0Yjk2YzZlMjg0YWYwYWE5ODNiYTVjOGM2YTQ0ZjEzM2QwMzgzYThmZjZmOGMyNTFmOGNjNzNjYWM3NTYxNTZiYmIxMHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com&t=jsonp&c=cenzoktrpuwcllel&eu=https%3A%2F%2Fwww--wellsfargo--com--tn49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Sat, 03 Jun 2023 23:01:54 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=U%2fH8EVQ6eaXL8sBEy7SHqdHgu%2fn4lqi9ItyVu7Wiw1U%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:54 GMT;Httponly; Secure
_abck=78D60AE016056B00E6CEDCE7DA1CB3E9~-1~YAAQHk8kF2VWR22IAQAA8PF+gwlxORMAOUJwkr/Kx82AbTbMveftLrHlR5vel4n3+l8xMGBC1ROIJ15XZXBudG1ztsFw6G5CzxVNwvTZntx5Rni6iZdGbfuBkilRfHFbyyKkgsootXAfApUAXWvrSA0LfbJTruRqgLjmrWO8QSwKG/FmsH2iRto2Pz4dsCU8kNjMxN38U7fLmjaI6y3Y3/yFfvBmjvSzf+sk2oFizwbj+ganXBlmO1pSp8aYipvlywYs97pfGE5sBawTYReOpQtdXoYmVIqdT9CENGaSTHhYcj6TT0vjCdY3o1AykL/nK4KfW74zywT4x4vT7P1SgZOgFx3sBqDBWEgc9Fx+5qRDdFrMCiSV0ft7Q+WWn19i~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:54 GMT; Max-Age=31536000; Secure
bm_sz=D1DC48CFB6D76005E1589C372CB73B12~YAAQHk8kF2ZWR22IAQAA8PF+gxM73VBaJuXXxoQ11w1QnbGnJ830a1sS4hcpEUnQAm5Hjy2xkpphWKsUQknG2aRnn5twVWjf7s/Qhjgujix3F9I6uCbGW5htWzYzHDI/Y2xDpX391ktcsW6t9yWrNkNpBbmdasV72i+zcWwqET/XUfDidw0Y335DjWJ/B7xMkCTTXtlu5ecYzV8+D4m/5Bc7QQvfiPIWfXFYcwHPR1r3IvHHupfDnNgumX9u/2k394kH2cf8yLbtf+mfiPoiXGTbY8lTsNHScOhqxKstsHr6cij5/G/T~3228467~3354676; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:54 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 417403e81173709c9ef25cf533e0bbfd
cec69ddc8dfa2d3762371f434edbb3c519ef005f
869a0383ff38efef03a5593b60477e74fa2aff9eaebcc4f90fa9b299c91b9422
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2050
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:2$_ss:0$_st:1685835112048$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%2C%22_s%22%3A%22RhtaKfRF%22%2C%22c%22%3A%22azQyeE13eEZwWkIyN1E2QQ%3D%3DNqtO1hJXkvGo3A1R7n2VFnuA4a9yeOKzD_ybE9SMezX0DSLdOdNRkp-BllnSP5GdpnExHhVXlFZfduOhijSsSnsZhyLdZlzuKoc%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C18945883073400977105255697388790494676%7CMCOPTOUT-1685840512s%7CNONE%7CvVersion%7C5.2.0; ISD_WCM_COOKIE=!yhfMWEu8IGRF7fIMntjHYqEj2JIOPLqzTBBO0DD9ouRHMcQjl+4f0zXTEFCDmGnbj9KSI2A4Ej+bnQ4=; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd; _cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0; ADRUM_BTa=R:27|g:90e74024-07de-45b9-ad3f-6c3066738239|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:27|d:1; LSESSIONID=eyJpIjoiUEQ0ZE0xUjlic1hsRXAxNmRPREV3Zz09IiwiZSI6IjdhYXd4azAwdFwvTnV3UEQ3NjFDWld2Zkdvd1M3K0Y5WUp0ZUFMNElzak5GUnFYa0NtXC9DU1BzMElod1FWdHlwcVwvSlJuU0hiMHF3bTRNOCtRWndiYzdqVXhSNFIxUHVwd3l5NlQ4QTNlQStKZmdWVFVHSzlDUnNUZ2M5emVwd3J6SVNkRGw1VFwveW94aVg2QVdDSHZJMVE9PSJ9.167c7d96a5777ad9.YzA2ODcxZjRhNTdhNzQ4Yzk2OWMyMGMxNzJlYmFmOTFmMWUzZWIwZTQ0YzE5NzFkMmQ0ZDYwMDkwMDAwMGUwNA%3D%3D; _gcl_au=1.1.1188999804.1685833313; _ga=GA1.2.1991392596.1685833313; _gid=GA1.2.194312209.1685833313; _gat_gtag_UA_107148943_1=1; ndsid=ndsa33t8y1sgqjkliglmm9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=jkYXB8V1OyHrY+ZEveEHxGjotPwSnosfAcbfM3ZPE7IWQI5rrF2uqO2By%2fSJrXlY; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:55 GMT;Httponly; Secure
_abck=A7C974AB3C6C255E5764AE1499B52ECF~-1~YAAQ4KDVF4SK/3iIAQAAe/V+gwkJukMrPStpLwbHVUeVJdmT8X30CVqZTycLs/0sDFv6Ps+9gIOUlmAJSlAwgk0+kIky4/O/biDjm/NXXcOmWhI29eKKEtnPOY/8/voftEcMAaE1+B96MbsNo2hDPfs1q8nYjJcLJYAX/J8eiDZ75qXn6pDTiLTVwBjdF1zKDqdoZMIAYkPGnTs4r/OdKKkE9lo3RqxL8gJevwkwq2SGv7uFIMoBJl1FjlnDMoGrJu8QCUTzcYOoinM6KWZOs59LHMkovRNc6OE39t/Wq3IpSCzDLgBuITAOHKiKWGJdy1WPAhvTWAbigoNOmAwj3M6QULr3PgTe739jOZ2RSgSxaMgfNygL3o4wUBiR6fDW~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:55 GMT; Max-Age=31536000; Secure
bm_sz=4B408E48156202B201166DFA771D33B2~YAAQ4KDVF4WK/3iIAQAAe/V+gxMX7xrX0qiyXEjAQBkOqO1ipMgEPqjpVNw8mALKSH9grmCrQLxIXbTMKJ+5+6nTCS+Okue6WDacgyEuH/J2YeQobrL7NHRwnnWaZ2N0Qv+pLSjUDNmljlxwwbDiuC5sX1F50mqpyZaTMn7sNeacBh7CZfFd/mqXt7GgwiOirp2SX/3Tehor4LvoUcZThTTJcBl2y3zdpZHJBYlLS86KfQEgdmmc4IWPBjA2eVLOdPqwRlcs3ndch/O8OM3tTQdMBhC1xMamcGkvW2Dqs09/PWPviZhQ~4342832~4404806; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:55 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc663_kf173_12422-13062
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
52.40.162.28200 OK 265 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 52.40.162.28:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash a144aa7acaef6d0596513a53c07ebea3
3d178c81367ef6bb10ac788d500209ab9b8ddf10
d3b67dad016aaf26f297aaecde1c48340467f00bc2cd8581a251332fffb12400
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 15048
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:01:55 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:5cdb1497-69d9-415c-adc0-ff1bbe2456f9; Path=/; Expires=Sat, 03-Jun-2023 23:02:25 GMT; Max-Age=30
ADRUM_BTa=R:55|g:5cdb1497-69d9-415c-adc0-ff1bbe2456f9|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 03-Jun-2023 23:02:25 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 03-Jun-2023 23:02:25 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 03-Jun-2023 23:02:25 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:6; Path=/; Expires=Sat, 03-Jun-2023 23:02:25 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:2$_ss:0$_st:1685835112048$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%2C%22_s%22%3A%22RhtaKfRFzCrPJhq80SIFmX7%2B%22%2C%22c%22%3A%22azQyeE13eEZwWkIyN1E2QQ%3D%3DNqtO1hJXkvGo3A1R7n2VFnuA4a9yeOKzD_ybE9SMezX0DSLdOdNRkp-BllnSP5GdpnExHhVXlFZfduOhijSsSnsZhyLdZlzuKoc%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A20000%2C%22diA%22%3A%22AWPGe2QAAAAAMExOZ3RCrLTDJ1zz2o9z%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22fr%22%3A%22CJot_okDFNrcVQg_IrgYqw%3D%3DeKuuKCZ_VrVH_oCZNx2qyBi8MiLweDkWhNIlsLJX-p_7SjTV0TBU7Kn36w-vJH_ocOTY-mbpYWOnNqzpacWKA3y9KLUSVf8tZ8kzwQX5yc-DgWqWVt4gr_6sGJs9_wtK9mfInUQlNfVJG2pI2qzDCxKV_5KG8YaDfBA8M9J5YLmsiDtHZRKGDter%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAvmT7Bym03sC8E8%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C18945883073400977105255697388790494676%7CMCOPTOUT-1685840512s%7CNONE%7CvVersion%7C5.2.0; ISD_WCM_COOKIE=!yhfMWEu8IGRF7fIMntjHYqEj2JIOPLqzTBBO0DD9ouRHMcQjl+4f0zXTEFCDmGnbj9KSI2A4Ej+bnQ4=; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd; _cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0; ADRUM_BTa=R:27|g:90e74024-07de-45b9-ad3f-6c3066738239|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:27|d:1; LSESSIONID=eyJpIjoiUEQ0ZE0xUjlic1hsRXAxNmRPREV3Zz09IiwiZSI6IjdhYXd4azAwdFwvTnV3UEQ3NjFDWld2Zkdvd1M3K0Y5WUp0ZUFMNElzak5GUnFYa0NtXC9DU1BzMElod1FWdHlwcVwvSlJuU0hiMHF3bTRNOCtRWndiYzdqVXhSNFIxUHVwd3l5NlQ4QTNlQStKZmdWVFVHSzlDUnNUZ2M5emVwd3J6SVNkRGw1VFwveW94aVg2QVdDSHZJMVE9PSJ9.167c7d96a5777ad9.YzA2ODcxZjRhNTdhNzQ4Yzk2OWMyMGMxNzJlYmFmOTFmMWUzZWIwZTQ0YzE5NzFkMmQ0ZDYwMDkwMDAwMGUwNA%3D%3D; _gcl_au=1.1.1188999804.1685833313; _ga=GA1.2.1991392596.1685833313; _gid=GA1.2.194312209.1685833313; _gat_gtag_UA_107148943_1=1; ndsid=ndsa33t8y1sgqjkliglmm9k; _imp_di_pc_=AWPGe2QAAAAAMExOZ3RCrLTDJ1zz2o9z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:02:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nPqbn1nms56DDSxd4BLN+sy%2fBWnrOeZ1gXy4d%2fbfYmZETzYq3LtPCfFhlg+ItE4c; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:17:02 GMT;Httponly; Secure
_abck=35D5BB5A8BDF8F56ACBA7EF0DC989488~-1~YAAQ4KDVF9qK/3iIAQAA+BF/gwk0/5Y7Cc3bi3l1NFZLAKTBEZ8YxgxRWcmIpEC8fFxhys9IlU3qEpGhfX+SrIDoVX5py7o08S2E0J4TXGKNTBwPTtrQias+2eezncBUA9OICF0CDM8Njm/ISHJR20Qs2vUGe8cK6KQ58zNDehIX9eFwoZHXVRQXlYdnC4ZXuY5uOhtJu2v8p0eV/Waffw0HHz93fzMlJdhwPQdO6/skPDgmxMjQXjpqBVcvs0efjZ0/xN2ZciAwYtU6idlGG/tGtiBefG/RrRrjDNizcOU5J2a5M+ToCqL8NYYqAzryAMbiF1D1IfjPEqCFHAZNiwln5LZsoOjiy95lCnOlGtRmssKK/c6J/Snu78sZyH/W~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:02:03 GMT; Max-Age=31536000; Secure
bm_sz=E76A90CF9291E6098D2E0B4C84CBDE00~YAAQ4KDVF9uK/3iIAQAA+BF/gxPMUWBrOZPJ0x38hxdFM6idWqfemUaUceTbS9IQsaqZMzYvYLT5YGMQzfq5crnATJG8owBgybVhudKjc8qrkQslHNs+KcJCGuH266iiW9OzMiNm6IwyDPExa8vxBzzYw+Pvdsqx7S0Pdvit9FBWV4FxNNJdlWJHgigjgJdCgHLkxneDMBXJ9tkYcAjzmrkjhYdUP5ZacCG+o97Xtwh7c9Hs4GiXbvmkqDTzAoWnV1cSzO+W2HNmiWNb9Sk5iqLLEX4CD64jv6sQXmSL6IrVyMESXu2W~3684656~3686707; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:02:02 GMT; Max-Age=14399
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc66a_kf173_12422-13213
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=1&cfg&pv=2&aid=
23.36.79.9 1.1 kB URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 49645c543086e9ba8eaa25acfbc13ec7
5ee0b76646b73dd925fefbef9e1a9101ac151f16
6c7a6ef612a93ad580e778be82b0ab1f577368ea4375945039032f8e1c1ed2ef
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5118
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0; _cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:02:04 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!WvCA+fyp4qbF9K554TfMmyz5FQ342U/LE4czWksLEcqGi9dPBJigYZoTkerjhvRBtWmAWhRGNeWFX9w=; path=/; Httponly; Secure
DCID=+Vcf33WCYhgzlesSchlQDeGM13zq7pPNEPrXhFkPFJQ%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:17:04 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=2&cfg&pv=2&aid=
23.36.79.33 1.1 kB URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=2&cfg&pv=2&aid=
IP 23.36.79.33:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 49645c543086e9ba8eaa25acfbc13ec7
5ee0b76646b73dd925fefbef9e1a9101ac151f16
6c7a6ef612a93ad580e778be82b0ab1f577368ea4375945039032f8e1c1ed2ef
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=2&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34813
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0; _cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:02:04 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!CzOu6CIYGE/Iu4LpnNE5eVRfS7HzY2WpnmPameuWM38DayuTgSH9xhYydwLKfOqbsnAKJKAwisxSDQ==; path=/; Httponly; Secure
DCID=PTfgIMSIdHt7mbhpLEUYzIg4SV+CFDcWg+TYsgEKdhBWakOUgCr8TkCQvKIsbZU1; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:17:04 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.9 165 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10677), with no line terminators, ASCII text, with no line terminators
Hash 20c0447b3c291875cab6a197545cd87c
73ebed55ff328e851847be9f118c0fb67beacd68
d056ba080c8d46f726d56b2cb6cd80a470fd80733712bbf5ab6abb31ae4fd1c1
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0&_cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd&pid=e8eafb6b-3853-4b2d-9c26-e9594b934e47&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 12909
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0; _cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 165
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:02:04 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!4x9eqwch/uZDcHPpnNE5eVRfS7HzY7i4mg5w5081diBCGQSfTDkdv0P4XPKz+SGBQY9mUXOTb8MVuw==; path=/; Httponly; Secure
DCID=WJIHHzCYwvo8hQjj2H2PH6+1ib+GUxZArqOoGGK9Jne84DZFHQ+kKdfdAuTGF+yR; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:17:04 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
52.40.162.28200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 52.40.162.28:443
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:01:54 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
23.36.79.34200 OK 1.2 MB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 1.2 MB (1221994 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:01:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=UjUuXQDbdBwVT9hn+JYlheOrVvzOLpRy2uu5vSkDU8I%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
23.36.79.34200 OK 654 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 654 kB (653591 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:01:54 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=baOnXeHL9S05CoSxdSGV28kSZMlDmw46iBIM%2fWuxzb35+j3N9La7nlrNSbS0YkFW; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--tn49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 9329c7fa596297bd83eb9f5f103872e4
9c7d22d0aa9f9cccd694623ce02b91379eac8608
f764622af26a893687aabac4dc1a67d7cbd41d08dc3f52454ce64ea7d581a1e7
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--tn49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fxpyUWFIlveEe1ys0q/LsATxthJGHv7FZlavgB5tLjESZWc+9ykncV4SZ/SNYktsGTBqzUImzOkRbSw=; utag_main=v_id:0188837ee05a00156e7d87490b0405046003700900918$_sn:1$_se:2$_ss:0$_st:1685835112048$ses_id:1685833310299%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQY6Q6RMlDTF8CmqiSabnpU7Bd6x7zef72ch5SSrgJI%3D%22%2C%22_s%22%3A%22RhtaKfRF%22%2C%22c%22%3A%22azQyeE13eEZwWkIyN1E2QQ%3D%3DNqtO1hJXkvGo3A1R7n2VFnuA4a9yeOKzD_ybE9SMezX0DSLdOdNRkp-BllnSP5GdpnExHhVXlFZfduOhijSsSnsZhyLdZlzuKoc%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C18945883073400977105255697388790494676%7CMCOPTOUT-1685840512s%7CNONE%7CvVersion%7C5.2.0; ISD_WCM_COOKIE=!yhfMWEu8IGRF7fIMntjHYqEj2JIOPLqzTBBO0DD9ouRHMcQjl+4f0zXTEFCDmGnbj9KSI2A4Ej+bnQ4=; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=34192812-fc3b-4f9e-8dc5-423f5791c3bd; _cls_s=bfe813a6-ae39-4328-b273-be500cac5a5e:0; ADRUM_BTa=R:27|g:90e74024-07de-45b9-ad3f-6c3066738239|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:27|d:1; LSESSIONID=eyJpIjoiUEQ0ZE0xUjlic1hsRXAxNmRPREV3Zz09IiwiZSI6IjdhYXd4azAwdFwvTnV3UEQ3NjFDWld2Zkdvd1M3K0Y5WUp0ZUFMNElzak5GUnFYa0NtXC9DU1BzMElod1FWdHlwcVwvSlJuU0hiMHF3bTRNOCtRWndiYzdqVXhSNFIxUHVwd3l5NlQ4QTNlQStKZmdWVFVHSzlDUnNUZ2M5emVwd3J6SVNkRGw1VFwveW94aVg2QVdDSHZJMVE9PSJ9.167c7d96a5777ad9.YzA2ODcxZjRhNTdhNzQ4Yzk2OWMyMGMxNzJlYmFmOTFmMWUzZWIwZTQ0YzE5NzFkMmQ0ZDYwMDkwMDAwMGUwNA%3D%3D; _gcl_au=1.1.1188999804.1685833313; _ga=GA1.2.1991392596.1685833313; _gid=GA1.2.194312209.1685833313; _gat_gtag_UA_107148943_1=1; ndsid=ndsa33t8y1sgqjkliglmm9k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:01:56 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=hMuclaaVreeRJmRgYAsyIDBxnLz0la3LZjhixIY09dsSKC%2fHb92+foYAqGCCX7iD; Domain=www.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:55 GMT;Httponly; Secure
_abck=8CAAEECE3121F0533B831E3940D25A5A~-1~YAAQ4KDVF4eK/3iIAQAAafd+gwnUpLA3o8f/mK1j2kmeGTg981aF+C+c/Xf2RSbUZQNmePDsCqLqMQdfXNCpB031WEdZUcjOdvz1Dab5XD3Bx9g2+TodV5V+FRZ7/V/FxfV7hOBYDTuNKF8HEBRFWr8934iUInjZhxDf/OZR/mkpl8Lm5KtO8ox15mhmgynYFS5ozkwcoLmw6fT9/2+6/GdS1Su1az8F4ed9ve56g/Lsc1pzhxqZivjEiZpXMrS4vdc5b1RtKgW6EBFLr9FoNGjUqF/QQfz+1EGK7GjSn3QYtoGuJWLSXT4ecum13QY5X5HRZDsjv3pPEZtfbL8DbStmucfvgVfyHf8eRtueUnTK3B8buriTGDcH4hA2U02q~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:01:56 GMT; Max-Age=31536000; Secure
bm_sz=2974C3726F2867043F01BE1AAF76D843~YAAQ4KDVF4iK/3iIAQAAafd+gxPENirh86LXA9ITBRofau7W7Ji9HZAEVOZ3omwJEbhEANzRUTHnjKtVYu4phh735LTeN7gFTf44+Wr1miLBx0Pstvd5a7hOMQ3XMkC1TaTX22/5LvqzlDpGGJPDDs67te8pr3HOI88njTopkdrs4eCcgiEP5BHsIfAm2Ym9BCexVbDXyEGxsQ3R5LBz1o8pxMMGNwjtXEWSHMxYapvmfBbD07vXuve4R6mxH2tyqq26wkaDJjMD+V6IDG143Dlmw9vHNklJgvk9lI7tMkkyvM4fzHFe~4342832~4404806; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:01:55 GMT; Max-Age=14399
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bc663_kf173_12358-60387
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
23.36.79.34200 OK 764 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 764 kB (763770 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--tn49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:01:54 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=OHXsTlxtR5h+52gYef3A6jJy4oH9b1Z4lIclJc+CIW6Gii25je7zCM8nePosJW1u; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sat, 03 Jun 2023 23:16:53 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains