www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash ec7054f61fbcf612e37e54dfcfe1c00d
483a99a3f87275f06065561aeeb7caaeda5c665f
d2e9ec176ae806cca1e3807ac4333b908faaf628261ef7ce26e015fb5b04654e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:48 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18851
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-914633a2-079f-4d53-b465-3251efa1093c' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18778 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f; Expires=Sun, 04 Jun 2023 00:25:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sun, 04 Jun 2023 00:25:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:78; Expires=Sun, 04 Jun 2023 00:25:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031724482037505002; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:24:48 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; path=/; Httponly; Secure
DCID=KMThJXpSySfYRuVC4HhhTx7lUKmBcefL4G9QrBKT13B7lMfQgX9u0rFEz0rDQ6b1; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:48 GMT;Httponly; Secure
_abck=4599C8706AFD2011A409D1220BDB2E7C~-1~YAAQlNAXAiL14XaIAQAAI9fKgwoM4Zs7WX0wG673PxB5oA0VVBCM8GtBCPEZkmeMjeSSg1G7zE8z0c3naKESnBlFgQ7JSYE7S/KRfuu2nE5zPpMeQ4fQELaHrnv1OuGGRLOHbMkO3kvXoPbDscAqYGUJamRUyvLMrmuRMosStVp/TpPuvT2Ysb4pC9Mvn3wPCUmCItFv5y3yIO21lv3Z9r5XXw2OWU9bv2VMKuTehnrC7StHiYRVEQlClU2J/mEyYG0enujtlguiK8b/PsvqzOrujoYT0QC8iXDuo7xpQ05cTsnuAW2Zz6OeN/Z8h1ihWQKmhEIfHxg9fFdPrxYMQwmvZB8VrvO6Vz0ubyoTmzjtg9gCV+blDrlY6b1D7W+m~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:48 GMT; Max-Age=31536000; Secure
bm_sz=49B119C671FF2BD8002789F39800A3F1~YAAQlNAXAiP14XaIAQAAI9fKgxTzIQzHzIGs/S22/mJO72kOXvOHBZ/FEOsZHm4T6oruhjWkaAiD++WH5wNc34bDCqDHAUQXZ8bJhaPH1Es0uhhjgd8OIa7UtH650g/duLh+mHP3ZX9JzhU6nrhEEOs5vRvlKE48PLxf7KdNttopu5SGUdL2ThNVkuqz8PfDU6GvHUREjsheAnkvuMhe9Fx58ZGcA4htlqgXrbpSnbn8YK1jI+A9VRprDWYgrPiTtcF702Dq/+QQpz9QNPunDstTWpN2Kjz7/2iAB1BrQDRwoWS5R1lP~3683897~3749939; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d0_kf175_11874-24410
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=1040615
expires: Fri, 16 Jun 2023 01:28:24 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=1040586
expires: Fri, 16 Jun 2023 01:27:55 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=1040775
expires: Fri, 16 Jun 2023 01:31:04 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:35:11 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11844-52659
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:35:11 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11937-57318
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sun, 04 Jun 2023 00:24:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=E9Q15KTZnLeLyS+uBQof2A%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 77 kB URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 3b2227177307401f0ad66f16a01dfd5e
098aee523bc90b9abd2658dc3cad2b8d984c148c
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/javascript
Content-Length: 76583
Connection: keep-alive
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=eI8gCoKkrck5kHwVAOQz6w%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=94CF23405D1B71F1F5C794989A8736A4~-1~YAAQjtAXAoX5SYGIAQAAsdjKgwoGJR7G9ivxcd8B8+7xvsvLxNKseq+wIE417aMFtfUeYLNqChkbUYx67yg2GNnVRIt5pxxIBFt9p5d6j8HCReQZz2fb9o3ZJacSxOJWT2IfhuCoVUDlobRzBRk9UevKQJWwdtJKrh9vLcS6fIGwZ5HADUYnpvme0Xa/KNtZzDcyKkLWf+jGvqA4DmiRvOWyknxFss65GmmlewxNBdUhPt+2di+tWoiXuXUzma5JbnWepLVRut9m4HLuZqcIPAhlEFD78UiH6JlIg+jmG2lu4PgNHX3ofChd4cwXS0L6chvoAmLgA9JQW2mmZmXGJRiGkwkJNYjzPeZHZPUCHlpFdXBx8X4aeSvt4TObkh3o~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:49 GMT; Max-Age=31536000; Secure
bm_sz=88E4AC5B49791BC2F7358C130CC00CBC~YAAQjtAXAob5SYGIAQAAsdjKgxT3yGhxV4aqec4WvjwVdZ0ZU4pV/zm3NKsHL4cs0bkEtLj+tDiPugbo2iZmoZkT9qopyyScRM3fhq2z7ALcV+L0FqWnCoA6TDKmdyyC2kcBBPIPo39V+SFgOVUpMKuzl2Vj3453TbRCbZGls0zOddD0NgJm4YBmDPVUiEebRJEZ5W46RC3QNCDZxw7sht/tXoaoi65hfnX7sYinXKkTJdBTd+ObrkFh51eubDB1/v+GHat1nn/4ZKKt8UIv4uaJ7+mumOG0yI7or2GE3+67895DijS5~3354676~3422005; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:49 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11808-33564
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:35:11 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: W/"643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11914-37359
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sun, 04 Jun 2023 00:24:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Z3tRVNPEcsSXnj0eRsr+tw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash ac9ab6e22d7d3533ab30d4f604f29d1d
7a15a7ed5b65393d260190cb3d987f5db7103dac
c47fb35767bdc01696ada44ca0fa5e85f0b724b36c9bed23c36820c05df21f59
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4283
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 04 Jun 2023 00:24:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A5nYyoOIAQAA1J7xNJQe08lKWBBzaVAADe1zJfeQW-Rzqpbv3RRx_av5245CAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|5210fac1a8cb88efacaddea284fb856775b7ee5e; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=RPHY5YoRmOT8dd%2fr6jGB1tNSVV%2fOab2r68dZl0VEjKw8xVJUD4MhAHZ0eG%2fRqPl3; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d0_kf175_11874-24425
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=6322384
expires: Wed, 16 Aug 2023 04:37:53 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13860135
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13860135
expires: Sat, 11 Nov 2023 10:27:04 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13706962
expires: Thu, 09 Nov 2023 15:54:11 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.dcocsp.cn/
47.246.44.230 471 B IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9c388f256787fe671b209b4549c25609
bce708db1ad56ad352ef1c726fbdc4164741f7e0
eb1329b189207ae0f74aa1fa2710665c98b0c0245a3156046eeb39db51bda913
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Jun 2023 23:58:48 GMT
Ali-Swift-Global-Savetime: 1685836728
Via: cache21.l2de2[0,0,200-0,H], cache5.l2de2[0,0], cache1.se1[21,20,200-0,M], cache1.se1[22,0]
Age: 1561
X-Cache: MISS TCP_REFRESH_MISS dirn:11:73374570
X-Swift-SaveTime: Sun, 04 Jun 2023 00:24:49 GMT
X-Swift-CacheTime: 2039
Timing-Allow-Origin: *
EagleId: 2ff62c9516858382894485037e
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=13860102
expires: Sat, 11 Nov 2023 10:26:31 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10658), with no line terminators
Hash 3f276e85289a844b9e60c362f4a8af52
cdef58d766c29145ad2a5421ac6b59e838bbf739
8f3fba085c05a8fe5ac6f035a2c077ca8d2eaba51eddf47c586b015cee5042b4
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2113
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-acfa5c56-6baf-4a5b-ae0a-5a89252408a0' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:78; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034; Expires=Sun, 04 Jun 2023 00:25:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sun, 04 Jun 2023 00:25:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:141; Expires=Sun, 04 Jun 2023 00:25:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230603172449671526681; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:24:49 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=C403B8C8EAAC2034A964109C78B1F62C; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=45M7zmmFoJkDyjUQTH2jXBOA1rRBBFVwo7i6YBPmGLwFOSFlE61TNBcnOsoalnpU; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:49 GMT;Httponly; Secure
_abck=A0713E92B90A7AA2FEC4EC8FA8D75B71~-1~YAAQlNAXAjT14XaIAQAAFtvKgwpLZ52jaWlyQ9H0dkoPq1We11Q5TIhop8jLVXOQfjB5IlThKzZvMcdilPEAIEcYe68gu+uxO4jTz9Kwbsjm9XT+geMzO/86/E7HcqHbRa4PyY/+NhGhSouqogTHAnp04UUF30akipA110mIjp+S0FAi25K1nkv8EfjE5mANAikIHCcHSPfSir4zjVVV/LfCUzfRvW1sF4J8t5WD5zwvzmz9ZLurcDCMAvF38upCXbByipBdsgrIKZgHfKxS+/PHEcQhCCjaRCVT4AF7eMFnq3EuJZHC5BUN1ZHl0CLPFKxr98dqq94GbNoCsV6RYrfUnbxq45VcgAKNGjQWi/0ZzHV2zFqrsMFJ01O/CpuE~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:49 GMT; Max-Age=31536000; Secure
bm_sz=AE24CE6081E0DE5FC1E57BE7018446A5~YAAQlNAXAjX14XaIAQAAFtvKgxTpiMAyseCsU89slBV6j1WFJZ93H9At+ySwKTY1UfNtubNrDsRmUQqPet6dsPT3umrt5lb3Xxxy5cbkdOP7QeMHTcOtstYfsAjmqD5Xn1MK7uj0Z28VMNR8UAS7sN9+Y2YsS+/85C5i963uL7N7nnkt7T7XHFsWAjko6NrLQQs08shIXawwkG8LGX793GfLTFDrqhfc7vJ6ZoXrVusETqTv8lkRN4h0fEE48zwoZzeHAWnLQZmErEePOP/6vOgJAvjxFf7RNO55/2O9rflixy+l1tj0~3354676~3422005; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:49 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11937-57322
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2108
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=IvR1hOZjl8vD94q7VDI1zQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=IvR1hOZjl8vD94q7VDI1zQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=EBCEB0C5E0369AA39001BAC50B565E7D~-1~YAAQjtAXApv5SYGIAQAAFtvKgwoEKtBf8km0b9Rp7M2rsYW8URWlOaNHawOi4kuyWFhx8PDrqXwDSGCO8+Cb8Lm6yfYUUFWxcw1RPWNPO9lkZvn722EKSCqkenLL4Ona5grLVsa/Bl/QGzx6RhJmpc/DhlHjcmrePkK2D0tpQ2xh5tEbyz4VBNW8a7co8CoRHAe9V5y7PELGgWgWJn/fPGqB6aXbCEaF19v9Hwzll6YrJZaFwcm1yaUN7awbRU3f3vHkBLLJfhtLCeuLQRW21QwgSVlUAYCmyhLiwE1ka5KyfiNSe8eDmy7tI7F/HSsOKaf9WVFtfaqzNLOAMZUKQRALNZhsGkCKTv5jau6QGJu9aVdXZsq2vNPP2mpFpRFX~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:49 GMT; Max-Age=31536000; Secure
bm_sz=1AE5C14DA404FFA3CF48027F6C7B5C24~YAAQjtAXApz5SYGIAQAAFtvKgxRfH/8DyNYJIFJ0Blflsv5obhoO7B6hXZgcHd8D3f0uVFjVJ+2iok87BxNfJaZuYe3kV98Aw/7XhSxP15hDvPbwDnNjje6aUQDNgyjwxZHrOCHR7rzjLaZwXUxAE1uhqbt9pVuhoTzgDlQEKe38JvGwHjA+G4geZMuNmMnF06TA0CaMBPCeZaDiE+w3zF/mqHjrjDOFdRTzJIdidq2uS5fNT1vyN3ffGRS1CjzUnqUm9YHWtO2oB2C5D643ucViZzoQXA47/KNJFGeHTfAZR6qnF/b4~3354676~3422005; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:49 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11844-52664
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_hppb_savings_1700x700.jpg
104.110.27.78200 OK 1.3 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_hppb_savings_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 9a1eae7d2190524a3314d76363aaeeff
f3ac6dec3572f491f1d5b914974858bfe9751566
4774cc6c28fbd2c229c3460b3669b7348db73d3477407e4e82112ad3f037cb6f
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_hppb_savings_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6453c9c0-5f1d"
last-modified: Tue, 16 May 2023 13:47:10 GMT
server: Akamai Image Manager
content-length: 1344
content-type: image/avif
cache-control: private, no-transform, max-age=998634
expires: Thu, 15 Jun 2023 13:48:43 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
104.110.27.78200 OK 39 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 5d115cb30ce945de0d431748aa0b6073
e1af15a87872a93c56598fe21c82c252a7c82345
8f0441ba6cd327f630ce1653262816ae3fb9abf2db73b70c50be3e66c51dfd8f
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505859-e2ce"
last-modified: Thu, 20 Apr 2023 01:30:34 GMT
server: Akamai Image Manager
content-length: 39415
content-type: image/avif
cache-control: private, no-transform, max-age=1040688
expires: Fri, 16 Jun 2023 01:29:37 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg
104.110.27.78200 OK 18 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4d74f6d202bf00523871f6380d9da158
511af47b1ce2a77f5c27cf3addfd80f289bb76ba
8932b18f9d89396f9292d507904d01306b97c8ae75165c93005b04aa7d9853ce
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "635162e8-d177"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 18075
content-type: image/avif
cache-control: private, no-transform, max-age=1040799
expires: Fri, 16 Jun 2023 01:31:28 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
104.110.27.78200 OK 13 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7d601c2b059838fc333feb0e3e020fe1
f57bc430ce2a2b0c146e8d573569367c6bf75bc3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c53-e73f"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 13330
content-type: image/avif
cache-control: private, no-transform, max-age=1040678
expires: Fri, 16 Jun 2023 01:29:27 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
104.110.27.78200 OK 562 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2bcde1c3190b4af34b91259d18dcc641
3e6b6735a8876b4a326648142fab032a8bc57999
de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4d-769"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=1040637
expires: Fri, 16 Jun 2023 01:28:46 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=1040679
expires: Fri, 16 Jun 2023 01:29:28 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1040755
expires: Fri, 16 Jun 2023 01:30:44 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/active_cash_refresh_hplp_1600x700.jpg
104.110.27.78200 OK 16 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/active_cash_refresh_hplp_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d516a96491a0b33b47c2e49db6b8a5c4
93b1204339bf66f79f6a2d6558c626d7abbf61bb
f40420b950b0cc7bee20904578f6cb4bbefda6d2a6a73bf400f9579da4401243
GET /assets/images/contextual/responsive/lpromo/active_cash_refresh_hplp_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62d96afb-178fc"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
x-serial: 1184
x-check-cacheable: YES
content-length: 15795
content-type: image/avif
cache-control: private, no-transform, max-age=1018940
expires: Thu, 15 Jun 2023 19:27:09 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AAAgtIOIAQAApbbk3aLr50OyWXPSVkwVcD1mwZVkfjNuYtoMhCBkbbi9JYus&X-G2Q3kxs3--z=q
163.171.132.220200 OK 149 kB URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AAAgtIOIAQAApbbk3aLr50OyWXPSVkwVcD1mwZVkfjNuYtoMhCBkbbi9JYus&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 149 kB (148917 bytes)
Hash 1df09ab5b078e522c803e074bf323dd4
fa6213c2b1b2a25ba8ad7a9ab9c4ed123efe9158
f48fbb9fb43e9870de0aebd743fc67dda7eec0e31558b83edd8e45d63420bf9f
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AAAgtIOIAQAApbbk3aLr50OyWXPSVkwVcD1mwZVkfjNuYtoMhCBkbbi9JYus&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 04 Jun 2023 00:24:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A6jayoOIAQAAVaKRw8cL4wKwEtR5O0MqOzqN7MmsL4cuynIS-HAGtCUFO3-DAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|1e98eb657e9e132a5e1f81d20b2796403562283a; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=m1GDQmAceGjBYVdoNOJ5Rs4rKNc3ZvFM6DhkF2ggsvmEI9BG+OVgMm6IOKFxnJPF; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11808-33568
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=1040776
expires: Fri, 16 Jun 2023 01:31:05 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:e4300d13-0361-42eb-9fbe-f796bcdcdd0f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:78; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 04 Jun 2023 00:24:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=Yb%2fU%2fMxgLIeM3bdtpwxLAyxzxCWEwnhWTuBky9rwCirCql1i0AsUMZBTVPCIyLQt; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d1_kf175_11914-37360
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.9200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sun, 04 Jun 2023 00:24:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=sqr1AWEYtYt0c0i+7%2f9UBA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=1040739
expires: Fri, 16 Jun 2023 01:30:28 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=1041028
expires: Fri, 16 Jun 2023 01:35:17 GMT
date: Sun, 04 Jun 2023 00:24:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=30256
expires: Sun, 04 Jun 2023 08:49:06 GMT
date: Sun, 04 Jun 2023 00:24:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=1040761
expires: Fri, 16 Jun 2023 01:30:51 GMT
date: Sun, 04 Jun 2023 00:24:50 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2648
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:141; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:1$_ss:1$_st:1685840090345$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sun, 04 Jun 2023 00:24:50 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=TU55cT3E2G7KwWYz8jGZ+g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=TU55cT3E2G7KwWYz8jGZ+g%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=CAE277B687A86D79439A95DF551B4EED~-1~YAAQjtAXAtr5SYGIAQAAMODKgwrTVcpOWMlyEWXsu0JzTrJefcZUW8hkL+g0+UV2tU9WZlsq6M8xP5Q5n72UfffJfidHvKAt1DKCQkJd5jG4kGB5eWYkStwPT2+Zalt3+XlXEVsc4JmIUFg2z8w2VUoYu1fQ7E+XPJXSrnslzLHGuQG91MFxFpQ3176W9z28TFwrMsVal/7UIBsSK/Ebo7XBsb0Z6nZS+n6LANQ6XrESjuSajb5X80bkws/4YuDYF5cT1XAmlVavWB+V5HfdLjgs6BT7SCI4xSP3mg4Up0a3eOO+CVRcJr8qva+qnlne1Mx99yZ9/IRaEfr8H/hoc/bipGzYhx01fiv1Hh3Qx8uJD0oCmv2fUAo+W0E3lOcO~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:50 GMT; Max-Age=31536000; Secure
bm_sz=0F6A59AC84EDFFF700552F12CF58B8D0~YAAQjtAXAtv5SYGIAQAAMODKgxRB+gpU9dJbHspBOh39P83pH+Wv6CLXIPubZYosCIFNtctJiD1rHAxP0I9UTMgSAlnZ5u168xVf7ST0+odD6pFaKQOHDOElERflZ320u9sxUX38xxE+Ins89CvOsp1UqcajKbVDZxShYefVYAhCt9xUYraC9MBP4RVIuM81TH4CbSwjNgLRAS7RItWt4mVylChlGNIEESKAqjcKJZHJKadzhQFLil1K0OY3vsZ4EWWcItCnX6GuUsyEGVi4ieyFsxdUKwKe5SLe481M225/2TvDajb4~3163185~4473911; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:50 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d2_kf175_11914-37374
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=1040713
expires: Fri, 16 Jun 2023 01:30:04 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=935565
expires: Wed, 14 Jun 2023 20:17:36 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1040585
expires: Fri, 16 Jun 2023 01:27:56 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1040721
expires: Fri, 16 Jun 2023 01:30:12 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=1040740
expires: Fri, 16 Jun 2023 01:30:31 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=1040959
expires: Fri, 16 Jun 2023 01:34:10 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=1040629
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /S6TAiRKP/rZuIdFq/AQ3aZQS/0Y/1S5Vkwp0kkXY5z/WRx-TxkB/MExiWH4/yJEg HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2611
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:141; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:1$_ss:1$_st:1685840090345$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qzWcYcQzLXIX2TxNjMuGmA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=qzWcYcQzLXIX2TxNjMuGmA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=80B9AA7B1654400CE2566DF0A3FCE42F~-1~YAAQjtAXAt75SYGIAQAAgeDKgwoLVYZwe/fr0s1Y+99bqUb5EbJ+4/xvLw9qE4XZcwlrLwJ9h9Xq8tSkCWZnDyV51uGkj8hYZdrdOZecy8xV/1Y7ELl1KNPx/f1J87NtMsueuJIYIqw9s/gc+i2I+Y4tyogeenm++TOHvMjSK6Yc9XoWA6EmpUqzqYyRb0lNMCy3xqYQOtArXEF6yzkfuBuQlxaFvRhf46Hk3e8/fTRHkH2Ki87arHJwqGS9NBhIQ0fN7i8yqOnPl8HA2yneApFls8HRJKij1oxX5e9Es+mXp49zIcmV+pf5nKQIumu6+pQ+WmKrbtqRWWnPFp/TYZsKsm/i6Mb3qVsC7AX49wab1l8CZlWu0XMETjzNIN9D~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Max-Age=31536000; Secure
bm_sz=7DCFC71ECACDBA67E14959D2CF4E4366~YAAQjtAXAt/5SYGIAQAAgeDKgxRmEgHS+rUAgwCJV+VoJjzN/Z9j3R4rG2cm/fXvFAuZjSfCWQV7F1XjwoLuot88l82p4TsXQmJTTUP0l82AZ6iJoqqEmo74uHOfJi79GqGW/Bp8qGmk2qCIk5wu8839whIZ35JyYekTFTQiCXltjcelzeWct6Y4rPjSU6eLmuo1UCTCxsP+FgPrfVlDA0jNbFE9UM9tMcdWTrmxsU6vSY8uNGWGF4xouBlWD5Rp2ERGLs2xeVMr52q5dYsEj8hd/UzjR+P0VGsgGLdeivay4QilSdwl~3227954~4605494; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:51 GMT; Max-Age=14400
X-Via: 1.1 kf175:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11914-37376
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=1040630
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Sun, 04 Jun 2023 00:24:51 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.34200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=oUU88f9jTKgSLVYKHn1A4svNSP3E8BKdQ2tPgeSI9C36%2frbRPspXuwACP10xqmJq; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=3SQxij9TRW%2fXMlVen%2fTtiQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.34200 OK 152 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 152 kB (151716 bytes)
Hash 7aaeb102c532a6001695e49bcd18c34b
daa633c45eba27c0a481fbad967b29b8e57433e8
696a61cecc5265ebdc302473a71506f21fea77e8ab5311ed743c227def424ddd
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 04 Jun 2023 00:24:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A6TgyoOIAQAAVm75dGI2srJlyfVqnihVUMI1Y5PiaKHXM3Yy3-BircBKjREaAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|de3a35fb4d8b2a618e3de34adf9611b4491a82a5; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=mmgphjYE02pP8gpSCI%2fb5xWZYnJuV8wedNBlkn1ggvouMJPgaYALqf2LiwLtVmgr; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.9200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=byilUezkfrQGI+9u06tELg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/jsLog
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:141; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:1$_ss:1$_st:1685840090345$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-a744a5d9-89a1-49cb-90cb-8abd5f824c3b' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:141; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=307779B67748FEFD363D65EFCD78334E; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031724511257504245; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:24:51 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:13; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:13|d:0; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; path=/; Httponly; Secure
DCID=3Pqgg0QFCi1IYyDT5TIhzXq4m2MfJTn4SrNFER6e3KO8bmRguB0cqvHyPggT2c7g; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
_abck=8B193AB8B706E518E714E317E77F4241~-1~YAAQlNAXAlf14XaIAQAAJ+LKgwpq6+dTBQAy6v1huhJIAUn0JTiV9dOUhC1yv+QZ+/4uHuEq0Eyw3txBYFu9XCeWXyT/rEM507ugr+0pKkZHnd+EkJpD7iqiG7vhBGATzwbk1KZiQnfQuBp+7VBiw9x9dO9iwNUA1BVgpGLcqZlunX+p3Zd2wPUwiIQSgcSmV4i6Z1Hm5AWEMbPbhkNnmR5uXKykmLEDdTXQPGSaOnipg2NHLJD4LuRshk0y8goMDBrpQYBmfQ1BFbWQPo69UCRSvKqDgU7ghIWf71R6WUB4BL24qhj+1zaKZjQgYTalLnl39M1Aa0BgWXb9ktimqfAzD9sQawNsLRM0R/K8LM7eZGwIavtQHvPqvHrZs06p~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Max-Age=31536000; Secure
bm_sz=681619FF88B4711426757496C9B4E71A~YAAQlNAXAlj14XaIAQAAJ+LKgxTrZcnVVTu6QmzBBeckbnOHYo9dLzK3LaZl7Fojcwx6hy/sbudsaGssFA4FuramkIvB410hTTUY6ZE6MwHDyPZQP996rhexNSpUyWkz13+MJjp5ivij1YMhWnb/4rUJ6EK7bcshgj51Q+UjXaeMB0cVkXQDLnfT0xp8BnDJOtN1kE4DFHik+Ygq5bsIOcLEekl38dvRDunlYob8RsST6FdvUuNZczdEQr5NXnPw3VWk4EAh7FmamTI1A39Xh/egH6/w1nFW+x5GNo6LCsWdaFKhea2b~3227954~4605494; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11914-37380
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash b93c97c15256b9282ceef6ca05d9e500
ee4b5881ec18d9ea1bc94d834d8ce6151a144b74
74a1dab6dbc25608a7e813ff95567d89797ed4ade5c965dd94bc8e75547d5888
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------63701016332853292393722997738
Content-Length: 169
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:141; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:1$_ss:1$_st:1685840090345$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Tk7KhvIzhwH65Aa6ZRoWPNAXuVu1PinfYZ5FQF1%2fTvOLC1Jc7mejwY3rym7sFdcp; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
_abck=BC824D52D9BB41B94A56286BA2459DB5~-1~YAAQjtAXAur5SYGIAQAALOLKgwqYhFKeLdgHRxrxhoEd40vL88OeCPqvhmwA/Iknmwqn+bsmr0kO1hVU1LE5mMjPKkIBDspTq4irCkeTgABug0nzXhNdfW1YX+ktMX1y0wX4AB49Cjfg/VxBAv6WuFXnze7RLoS7RbQJNmA5nHBsWPXmr2+K+cx8xkfSNZP/m9nRSQKyRPL5EohLnsTVPJg3UF/8D5M7JdG+FcqWSKPyLxBZNWp7/ygTWSLn3HNzT1/2OjshyCWmDORgW6hxw85E/Qs5Vg3PiQplnUcbfGuWvnGwymCETTeknfeHdUPHDYfLaKE2s2X2JQjeAI64jGTBkZxq8TAU4QFcoyqkL3wM7zZBIGwPKQhrTj4ph/SD~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Max-Age=31536000; Secure
bm_sz=7D47A7B5EC902E9F7CF11AFA3068413C~YAAQjtAXAuv5SYGIAQAALOLKgxQkyNW2PZtGelp5G5mmldr6rBla0lmhowmzLvbK6ajGYL3JYvUinIe8k5Fb500DUpS10vcyU+PGpfc9lkiSYLnD9gH+VGQfGwdAj3wyxrQUAPP9WAzazdkHgFi+ZNZXVdTxuuUfe1D/8fzSMNe9uVYdCxNz6G95uS94fwMj+tTyBXXBjugvycijKIQTVycfYeEXU1L+fZMCPGazqrBY7VmZxSPuXZ5aSMAnQ/bdZbMG7SdkhH5a8PjJ3L/O2fJiMFny3owayKZ5ZRayDNeaymkOMym0~3227954~4605494; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:51 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11808-33614
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
23.36.79.34200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=frlRHN7dbR0Vd+tR+Voyypny5VuNBSk2hKyVTxbWiT8O9A+4uceWlflISA+r1Xnp; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
23.36.79.24200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ar9ta9m%2f8u2SWx9LpBUNyA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
23.36.79.24200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RQHm48M6uCRkV+UmT5L7Uw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=UeTy8ZzLMdZzDH9hnEkjhg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838290920&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838290920&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838290920&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; ADRUM_BTa=R:27|g:9e4d9fd4-a772-4d6e-ac72-151ce3690034|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:141; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=LTJu%2fV48TbcJ8uSXBXqMdzjDUM2L92gdCaJ2ndx8Pj8%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11937-57349
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.34200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=QKZppnnKge%2f4+UncgKIpTBhvGEaCkTNTId6tD1ejClsioN3UgejcfjbL%2fkKXRtie; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
23.36.79.24200 OK 308 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 308 kB (307653 bytes)
Hash c85014374233a557bb0c3371506bb5a0
aeb987debdb406b79606440a165a027770ee03c7
79c53c9a2acedfe344e6246a510b6c7a687fb868006a15f7afd5886a1b88abf1
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=km2sb9YI3+7rtJN67QntERbZ1dS3c0Ao4nmRJ7HsheKp3W+TNgio0PVcQ4VltRC+; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
23.36.79.24200 OK 331 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65446)
Size 331 kB (331228 bytes)
Hash 6ef479c44379f2b9baec883c473a53dd
6d971f4dc64d2a685ca927c90021ebaa601c2726
11b00cbc413cf23b0f7d71dd7f65469d1eae548afbeaa034f0261307093d1d24
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=C6jt%2f2eXjQ2JJp%2fm8QUCr+wXSa%2fvu1LZtm6N8r67WC%2f+bYxkmHjGNIGVAnN2KQuY; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=S6SPK9T0m526k9bpnAcDUw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291221&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291221&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291221&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=wbxu0PlC9INnPP2G+YCX98nNlJTBl%2fmE45441qane9vHqVE5AcTfSvJqsqk49ZGE; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11937-57376
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.34200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash a087825d8258240ef997c90b8d6aa86d
b8dc2a1aaaaca1f830d090decd67df1e569059e7
b0e6ad7e2ad12f669f93c566699ac8919556dd2ca6d21d1467b69734eb6efa66
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37192
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=v7rszbPkVbDb0Pz7z+ajW1mhjZ02PspkdJIOc1JI9M1ZyG4jgkBaqWtvY038k2ef; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 968 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2435), with no line terminators
Hash 408e27f5cb32b646ffc91bfbf8304d37
8dcd636d5c847fde62764453739c4bcff94b67ef
3288982f654f67fff7e51d692a19e9deee6347f5717a676e5506d1b488d1abfa
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-eca13922-9e43-4774-8f41-5b02806492fe' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:13|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:14f154bc-5982-4961-a66f-50f2aabf5ae7; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:14f154bc-5982-4961-a66f-50f2aabf5ae7|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:63; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=3178B7AEEABA761AD5408F03E34F6824; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603172451185527630; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:24:51 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=iXIOIrWMcVUeLweultIwyozh9wmQqyb7WvwpGIzLJ8t%2ffzWAzsHPlWA4qB%2fndRhs; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
_abck=36455E2CD494CC7C45A14EAFAD810650~-1~YAAQjtAXAvn5SYGIAQAA5uPKgwoV3Srt3BJsGyO9Eusbd2SITLEAfXjukVnQm8rE0ivEVN6qIqMEpwq9UOtPz5vj4GslGNcuxWNyZspQnHQyC64tWeXvoVPtzuHCIXusve0UmhwUUPWAWzqM3VASSQXKaa9r6SciekyV+l5JLigvYWna50KqYB1ONVBT542bfa0h8yks2xV1OmNQddNEI223KRrhhEugIeQvvfo4Ky6+erzKo5mK+0ta41EwPLIgGW+OROaEcIdkGcQkJpTjXqvrlx6QfXiFU18LBTp5LQLLnuJfoMwpUNMRkIEHVtIS7vWh7DevrwOWwZF+zwrZsHxnDhBGw6ZWjma5qdFiF5ignSYJzZF29Tqz5AqyUwI3~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Max-Age=31536000; Secure
bm_sz=97B3AD00592A217DA0F6F4F2E3D69D6B~YAAQjtAXAvr5SYGIAQAA5uPKgxR8R1lvYJ4UyJldi5obABKuv0GtamDSTC6NAfeAK88AEal5E58dUCQO0MCVuI8KeyRtbVvO9NCbgrO7tuXkeFsc3BDbhuI2SpiWxTCKyGDCwOuquwr3GZtEImioQMsBB3uNAlcluJxMa7pUIWni+evsO2JQFU9g4P/Z5NeXhFFs+kaUZQsuREw9tfg9fw99Dl1Iie0nOE4jgHzhjhPZq3qxBA3WKFJNoRXXMJNd59Pv4+UrkHO3lXb+1R/+vzqhOVx3/ymmWG4qZRlPYavYRxWv6SkA~3227954~4605494; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11874-24474
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 974 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash 4e1fa635977140e210b68a3c4011297e
6e089a2b8b32d1b747651f139462fa7f649c3a74
efe06bba21a3fdace43e15033f7b8dfc7dc4cb5382511c0364ae5e81e162b646
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 974
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-627d823e-9733-4397-8c64-248c239b92a6' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:13|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3ea7c51b-b134-4c42-8b7f-db1da05a1022; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3ea7c51b-b134-4c42-8b7f-db1da05a1022|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:63; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=809481CD3B8F8A89A747940DDDE1FA12; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603172451281010377; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:24:51 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=u6wvy0D37rv3NU427oiHGrIK9DIR3G5Bzx+Q0bXsKDevq1AaVCmbnMd+NaT8vUWA; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
_abck=88142D0C99B9EB4FB73ADF4A04FC4E5C~-1~YAAQlNAXAmL14XaIAQAA7ePKgwrmvVSxax9RpOllVdiVb8hac88GbJk9FP7/NP8KWjd+biyvK5D0QYFkdkwuw6N1RXzarBtpEUymhgzWpwoanFf1yLtX3+KXOB3AtVt7bbpNFQEKmXO4z9nWgig1RbK+LWSgXa7dj9fyi1hwx8m2xGx2lweK51oXnwB54uImYgP0WVrTWgW8A4PA7UwzeI4Ios2/45BW0MCtFOKmbGyaz3yjhzBp1V+4ScRmM/jN/kty5d4Pxcv0+U+0qZVpeUVdlfNt5snPeiKTIBWt8gb/SnKvwXQ1eE3IVWgiRZJ/VSbu+PoLw67zZwuAH3PFW36cWeYsagA6mowmHoE3u8NLVs4WKt67xxtWgNWG4cmg~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Max-Age=31536000; Secure
bm_sz=28ECBEBECE0EDA5E8973722D570ABC45~YAAQlNAXAmP14XaIAQAA7ePKgxRpfqjUQcb/T197lrfuAkwnGcE4Qou4JZLhWJIjGZil3n+HngF5fFvTkz3suWA3gyGr9w4bRSXcttf4cb5+RdQ9zI0cq3Km+AaKzt9f4V0CdX9uO93v4x/dYV/Tjs7kI5ayNpP3fgeZ+ntD5cqLfL35Yvbt+jLP6TVz7kSVhe76VdVv6mRHbgs0r7jc/T7CDxaQuYsy471hwkZEcE78A3WNgNGZdEE+mAF+EPH44Ymoqc32QcAGG6eQ/Nsv5kW2fDacdPWTS3TVI4N4BOQAvWvN3MaK~3227954~4605494; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11844-52686
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702%3A0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pv=2&f_cls_s=true
23.36.79.9200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702%3A0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 55fa32a869669178aaebd69c4cb0a33b
f6c640e716d1517d88131cf5800c0aa90f61866e
8a9b3c822b3294cc23434b0a2769b55e46112bd16478dfb16c7f9965aab58e30
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702%3A0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!+2BvCsmExvIN2HIq/D2JHXmrrcNtC1ueacIAvoiqlA3F5CJ1t0CjksECX2XrRbkayFpdRfGRUB/DEw==; path=/; Httponly; Secure
DCID=xOj+ZqbXn8Ywg8R9V+jpUOiYKLAYdOVNtKys9r4VGNrQXfZZZp5KHMglaSDP6km9; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291224&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291224&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291224&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Y1Co5UdIygSFum%2fmLC0bmspN9Yal5UmyvPt+Ttn9lDBE%2fXyPPfiKLUnx6s%2fqlp0x; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11755-18595
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 967 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2433), with no line terminators
Hash 9aaad02ebd5af1c151182c90eab70fd5
a6ae375dc274e478db6cf9aa9597663991245d51
c14da30db30e65b4d8ee950d177a0fef586d4eb218c48b64614c2e72549f4360
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 264
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-188c03a4-e6fe-413f-b21e-0ce82854b8ad' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:13|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:27eef1b0-1c52-4a1b-968d-63458108fe85; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:27eef1b0-1c52-4a1b-968d-63458108fe85|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:63; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=BB7E037DA460A8039AE5B3B6B94D2389; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031724512049252; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:24:51 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=HdGmiJfdbqTda4RcVRGP7oxFuyKBHqqBRhy5CyahoLvBzRn+cz1VyKbZqhiAjK+X; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
_abck=5CEF46A90670662FDF0583E4317E3175~-1~YAAQlNAXAmT14XaIAQAAJeTKgwpsWwjxMT/51JDzNVHlYbwBI/i5kPZWxhX2guCtTqI6XEgSuaqijGZQAz2ELsLb2ThyU27o5Z/Gy0bDOBsobJk6nfcI7t2utHSBK/ftGh2Z4BoYJk6hxnrmHPrlA6Pdy1upLisuCXoOzWdcKVDw3YL2iHKw9dPPHU+PGCKVOPwLx53yjCGAA3v2Z/XY9TKetHEcSq1b9HLBVtijR3JUAstuuRVB5ft/TbGu+jtn3bUi2TF32pn+4rHb94/bCIUoNol6bCfFj9UcY6ErAi+dQw1u8GCjSrm9Z266TN6BA1/7o3ZaZGnFE4NeWZOKuTL92mKtrcbEjt8LYDT9OifXN3bYaUnHEpIHHCfx557o~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:52 GMT; Max-Age=31536000; Secure
bm_sz=B8EBBE2025865C28CC32BB3194CB7B75~YAAQlNAXAmX14XaIAQAAJuTKgxSkz9O+mVPvh9XyC+twzx4eiUcko6U+hhbsYZibRhWA9Kxi7k1Sb9becbxQIlQ+kSQ+6NnJlqsyS6C6lFjCoirE50uAIOvcvgqp0DaR5mkPgqbnNrbX/RvZjTEBWGAFOd0opKOQchbeNLrVqL106AaeRwC1rC8vmWfiiXa+XNASRkqdQF05Dm+xTJzdYNZ4e9QwC5ol2Y+TLqOughlA4fn2lyrocst5OeUKMzMWrw2F7j1o5h3ff5BLttsFAA5if6CNOWqdynCALllXVPn+hmwuCgyy~3227954~4605494; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:51 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11914-37382
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 971 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash 10792e5e1f27d8cf738c1b43cde027fc
8a274fb6c2ab8b79861300936d6c8d073b59e834
b61ce61071ec5991318a6a690be06ea6fa008d14c00c8fffffadaea2b865494d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 264
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 971
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-5bd78f88-ffce-4a8c-9535-1cf317523f3e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:13|d:0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:789f3feb-6d01-4ee3-966f-5a2a299b8c12; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:789f3feb-6d01-4ee3-966f-5a2a299b8c12|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:63; Expires=Sun, 04 Jun 2023 00:25:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=BE31B04E936E1B2F37F7D63B50F6D04D; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Mon, 03 Jun 2024 00:24:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031724511031698449; domain=.wellsfargo.com; path=/; expires=1 Jun 2033 00:24:51 GMT; secure=true; SameSite=Lax; HttpOnly
DCID=uin0u4gsvA7tjbeDq7oxALdRhRTcWCPC7aJ9GeC0cETB9GNZg0nIflgxwhkGOXRt; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
_abck=E9367984A08C884490B6D6D65932342B~-1~YAAQjtAXAv35SYGIAQAAKuTKgwr2tkoea7Ri+rMxuVJT2C9gmPtvRR2PodUX01XMvWfLGhH9YyrBr5AoXk+rBBCpNtLLb3nsQ2Zh/VE4ze5pzGK/XP9j/mfXRX29tD6ZdtASudj/LSqXOToNEoHSivJn3HN55414qAG7Jj24687LhZGrSWTE+m4aIYQpB5sestD1yDJ4C3dDWs0aBQ5/oqfoWy+q/r7Hh6fKWgw15dvbcfHsXuUEzbPCK/J2NzLjZC2NwQDpuSb6iXgaVJcXcT2Twn4SDEwW9YQnSvmWE+DEcAe4rnVSGtke9/+BD2ELdWhNOLfqBqUUNKyihepLRJE8HGmaa/cFTgBLw6y9TqpKHTbqsl5Ot0tkzHTHGwbH~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:52 GMT; Max-Age=31536000; Secure
bm_sz=270540B5CF608ADDEFEDD859C58DF0F8~YAAQjtAXAv75SYGIAQAAKuTKgxR59zEmZbI3k1GISVf43A35r/8YYUxWJbhh65P3ldmDp+y3hm2xIzbSMfHC4inP+Di+ce5txfCNUDNtesZVSJyYzHLUmEiDYUzf/gdCMjmYH6EJfgmBN4gpvuyzVA45WHjZS34XA+uuqcbV71lPhpYyuwFL667C51Q36GWs0FlBFyGDUMO/zmRMNXrqidSB4/YUo9UIC4uygUoMlVu09x/9V52DVxJmDbgPTT3kmyWl3qaHRI+UjdN0cz4pxxBRB78ia03rWgdgHee0r76UgKL/bchb~3227954~4605494; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:51 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11808-33620
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=1FXpRWQ7JYTRGJXso7rLWA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qFlIcsRLzs30ELFFYzdl0w%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291227&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291227&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291227&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=edPfCxHqtXEkondW63IqcAtRf0mtvX8uAiPmKwSrHqeLGw%2fDf5Q6nlFriHMMq2d8; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11937-57380
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291231&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-264163-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291231&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-264163-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291231&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-264163-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=LugF4u7Tda+PAWg2lt4NzpSyLlC9sMpZCQdNmPVzozoMdVpu1YIuzAwBUHSagI1n; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11874-24477
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291236&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_sav_savingsprospectrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-264163-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291236&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_sav_savingsprospectrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-264163-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291236&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_sav_savingsprospectrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-264163-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=5o70D2SQ+ykhWZF1a%2fvlH%2flGJQ9rFqkeohn9q7KQCHQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d3_kf175_11844-52689
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291244&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291244&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291244&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ly+ZsuXpLntcVg4ElAuBj76NcahcnZ4lbRRdtoJMlSHkN229KUKxhHQf6a48lral; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d4_kf175_11914-37387
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291249&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291249&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291249&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=nDijSZ%2fmODZCIjvKvxsCnl%2fmImSNaSrO6L1edX8KnvskNJ1+oFvHXmVfHFPZBiod; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d4_kf175_11808-33626
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291241&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291241&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291241&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=RnzDvSLT%2fIu+KajSMnagiD0F0uPK2TT5V5p8uFNvIEg6JERZVIgd8idqrnnu4v11; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d4_kf175_11755-18599
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.10247717598784134
23.36.79.24200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.10247717598784134
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 62045fc63c0a4ca01dfab52a28b2d696
d41cff3d99808dc4fce0d532f86d95dd1780573f
4bc7d8d76eedbef9b61da532053141c676c8cde38134f1052ac3e38358304ace
GET /PIDO/pic.js?r=0.10247717598784134 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52530
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=6a0B6jQG+j3pSO+AGqT4v2Oy%2f+JGKHB+6ysl+eDUhhqDfWoc47L%2fwwU0lv77M84Z; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
23.36.79.34200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash ef3c6aea5ee493ca2c5869e0682f60d7
27ceb74fbabc1152c47391deb113107e9594dbab
a9a476a49a5fbb899fd033699ed9425e9ff16a02a5c48329ff2af1846ecdf1c9
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 18101
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:21bf3eaa-7b5f-4ce4-a93f-63056de78fbb; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:21bf3eaa-7b5f-4ce4-a93f-63056de78fbb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Z9oPM7%2fhhsTkk2NOit2HGfWJNjIsAPTMUR03FAyqL4BSyRx+6PI8%2fHxEElAyycj0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
_abck=D0D06668A4B81656B18E2B5810BB7715~-1~YAAQHk8kF6qyR22IAQAAduXKgwouYVffXu4ebxyIvz3ZE8pysE6W6zlQjMmJVn6zsGhwk9jr0ZWOBXJxvLFdcbYkY6qJGYOrJ9GRKqlKx63KnFrz4AcmFBhi1bmB+4irUhR16sP6zCmiASz+lzRm1qYGM3L5W26DynVM6MZ6Kt532lZhaAemJ/m9bEDkupI1pDkBabIGmo6Iyw6axshi8Xk41uhz90eybIZQXDGWKeostuxg9UfZwprGVFu/JxIj+nLC6XDwTv2W0CqEwOuQhxwQ0JnCVrzFnAlqDZAENyv+S0qVnNt3H+X+xRFIw9xEpQfN7tFAVd4nLLzbdSdXS/ToqmflKoSABWuOP7UE9F6P10pZ+ROptyFZxRSqsoWS~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:52 GMT; Max-Age=31536000; Secure
bm_sz=6D8CB4A08A465668EF6B0E7F8D81C69E~YAAQHk8kF6uyR22IAQAAduXKgxQOaTn0soVYykxij5VvNxkMUIaFvoXla/7UMKna8MQaeWYXVtRgVZc+yIZRFiBFScLeXhixASQa+7P9+s1Db6KTJgs8IjuLU1IWr9TKyf1z2hvgwWzmdRm1Pu8eZTyCwLwMho9YkH5oaI4YhZEY5uXSuaWz0NGYO5OD0WUb2LStfgB1yAJZfmomYTjEpiwkdn1vyObtQF59WMyf0gqVA4un5OdGo+vaMHJUrF/CfjF4ovUB0FTIEuL0omUzsO9JOJcsmFl19L1ruL3Fft9bvBvMKjBP~3225401~3687225; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Rc+LDyw718sBZaci1rxdwQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291252&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291252&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291252&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=7Og63JcLG34ZbKKUOr2dWmPqZmMxWCi0zLDPsXx%2fdDPl3tsJxoX6DacqefjD4AED; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d4_kf175_11937-57394
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291255&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291255&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291255&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Sq4j7a3h1feooMezFU2ReFF9xG2KcWQGFT3E5jU3ip6n+%2fra5dZtbejPhhAWOGYg; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d4_kf175_11874-24483
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291262&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291262&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291262&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=uDg1Qc7WyzmCFtZLnFY2ySbXvzfGlaW9N6eoiEcjtGgmT0ZcUPZU1Ti1zH0vCjeV; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d4_kf175_11914-37390
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291258&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291258&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F&cb=1685838291258&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; ADRUM_BTa=R:27|g:e8de7fce-4222-417b-98c1-640d60ea0535|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:13|d:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sat, 03 Jun 2023 00:24:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=lV4OjJcCoKN9+GDvX5ZvmZq3tBSvrTOCcUd6u6e6dPnARH+6ZDvBH+tDBl69LMVI; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d4_kf175_11844-52690
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.9200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=CQ2stsW9GD1eIJncM+eG8A%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBJRnAvUzJVSTVZZjhGYWYzL0xPV0t1YTB2cENwMWZra3VORDVQZ0lKbHR6VVRQaW1JN1RDZTY2Vkx5N2E1YzJMMlZONE5BMWozUzExOFdldWkweGRIUU1MUVk5dTlMT05rTFJYV3VnNEs3bGNyREhXbTcrRGFGd3ltTmtSUkdVc01KUTd3QmNCNlFGaTV4UDZ1NUtMMEh5RXgyVmIzWFJhdzZYb3ZkWXBERjAweEV5b1lxNkFLcmt1VEkyQllOOGVTY055RXhERjlzTFJlK1M0cy9hMUcwVDh5UEJ4T2NWMmppTW50N2VoalRxRUtqNVYzc2hPNlduekF5TU5kV0l4Q1BFSnRqYVBPNTFrYjhicWF5bkZ1dXlOUTF3b1JHanVqc1dxbWNzPXwyYTZiYTA0NTE1ZTE1ZWMxYTJkY2JkYjNkNjQ4NjA2M2U3ZjM0YjFiYmZjMzhmZjQ4ZjVlYzBhZTAyNmI2Yjk3NmNhMDNkNmJjMjYyMGE3MjJiNzQzZDJkOTkyYWIxNWY4YTZiZTk4ZTAwYjk0NjE2YjZiMTcyM2YwZjI2M2VjYzQ4NWZiYjIzYjg4YTM4MGY5ZTY4OGNkYmUyYzIxMjZiN2Q5YWY1ZDNmYTZhMGI1NGUxNmRmODIwNDg4ZjYyNzBiOTYwNzlmMDc2MzE1NjliNGEzMDAxZjIyNDVlMmVhNTgwMjZmMjdhODBiZTQ5ZTM0OTA0NDgzZWU3N2MwZWNlNGMwN2JmYWM3OWUxZTdmMmY3YWEwMjJlNjNmMzYzMzM3MGZjOGRmYmYxYWEwMjZjMGMyMmE3MmUxNDQ4ZGU5ZmI3MzQzMzZmMzlhMTVmNjU1MTBkMDRjODY5MjI4Mjc3MzI2ZTRiNjBhNTQxZTk0NjVjZmJkZjdiNDg3YTQ1MjlhNjljNzUzZDkzYTU0YWFhNWZlMWUxZWI2M2NlNDRlYjBkYzBkZmQ2MDZlNzRlOTRiODBjNTQ2ZjYwNWJmN2E0ZTVhOGExNmQ0NjE5NjE1MmY1NTBiOGNiNjUyYzU4ZmQxNTlmZTNhYzZkNzdkNjczNTY0NWU3ZGZlYjMxMzM4MXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com&t=jsonp&c=wrtiwydwcnrdbbwe&eu=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F
23.36.79.24200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBJRnAvUzJVSTVZZjhGYWYzL0xPV0t1YTB2cENwMWZra3VORDVQZ0lKbHR6VVRQaW1JN1RDZTY2Vkx5N2E1YzJMMlZONE5BMWozUzExOFdldWkweGRIUU1MUVk5dTlMT05rTFJYV3VnNEs3bGNyREhXbTcrRGFGd3ltTmtSUkdVc01KUTd3QmNCNlFGaTV4UDZ1NUtMMEh5RXgyVmIzWFJhdzZYb3ZkWXBERjAweEV5b1lxNkFLcmt1VEkyQllOOGVTY055RXhERjlzTFJlK1M0cy9hMUcwVDh5UEJ4T2NWMmppTW50N2VoalRxRUtqNVYzc2hPNlduekF5TU5kV0l4Q1BFSnRqYVBPNTFrYjhicWF5bkZ1dXlOUTF3b1JHanVqc1dxbWNzPXwyYTZiYTA0NTE1ZTE1ZWMxYTJkY2JkYjNkNjQ4NjA2M2U3ZjM0YjFiYmZjMzhmZjQ4ZjVlYzBhZTAyNmI2Yjk3NmNhMDNkNmJjMjYyMGE3MjJiNzQzZDJkOTkyYWIxNWY4YTZiZTk4ZTAwYjk0NjE2YjZiMTcyM2YwZjI2M2VjYzQ4NWZiYjIzYjg4YTM4MGY5ZTY4OGNkYmUyYzIxMjZiN2Q5YWY1ZDNmYTZhMGI1NGUxNmRmODIwNDg4ZjYyNzBiOTYwNzlmMDc2MzE1NjliNGEzMDAxZjIyNDVlMmVhNTgwMjZmMjdhODBiZTQ5ZTM0OTA0NDgzZWU3N2MwZWNlNGMwN2JmYWM3OWUxZTdmMmY3YWEwMjJlNjNmMzYzMzM3MGZjOGRmYmYxYWEwMjZjMGMyMmE3MmUxNDQ4ZGU5ZmI3MzQzMzZmMzlhMTVmNjU1MTBkMDRjODY5MjI4Mjc3MzI2ZTRiNjBhNTQxZTk0NjVjZmJkZjdiNDg3YTQ1MjlhNjljNzUzZDkzYTU0YWFhNWZlMWUxZWI2M2NlNDRlYjBkYzBkZmQ2MDZlNzRlOTRiODBjNTQ2ZjYwNWJmN2E0ZTVhOGExNmQ0NjE5NjE1MmY1NTBiOGNiNjUyYzU4ZmQxNTlmZTNhYzZkNzdkNjczNTY0NWU3ZGZlYjMxMzM4MXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com&t=jsonp&c=wrtiwydwcnrdbbwe&eu=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash a9078dab212f93ebfe77e26cf2a8fddb
2a935ae5ef416b934c09d31da64c1e9d30db59a9
d04b16de5674bf97ecd5990c7a279ee68470ff77ddf900f59021c265cc08f31f
GET /AIDO/vyHb?d=ZW5jZEBJRnAvUzJVSTVZZjhGYWYzL0xPV0t1YTB2cENwMWZra3VORDVQZ0lKbHR6VVRQaW1JN1RDZTY2Vkx5N2E1YzJMMlZONE5BMWozUzExOFdldWkweGRIUU1MUVk5dTlMT05rTFJYV3VnNEs3bGNyREhXbTcrRGFGd3ltTmtSUkdVc01KUTd3QmNCNlFGaTV4UDZ1NUtMMEh5RXgyVmIzWFJhdzZYb3ZkWXBERjAweEV5b1lxNkFLcmt1VEkyQllOOGVTY055RXhERjlzTFJlK1M0cy9hMUcwVDh5UEJ4T2NWMmppTW50N2VoalRxRUtqNVYzc2hPNlduekF5TU5kV0l4Q1BFSnRqYVBPNTFrYjhicWF5bkZ1dXlOUTF3b1JHanVqc1dxbWNzPXwyYTZiYTA0NTE1ZTE1ZWMxYTJkY2JkYjNkNjQ4NjA2M2U3ZjM0YjFiYmZjMzhmZjQ4ZjVlYzBhZTAyNmI2Yjk3NmNhMDNkNmJjMjYyMGE3MjJiNzQzZDJkOTkyYWIxNWY4YTZiZTk4ZTAwYjk0NjE2YjZiMTcyM2YwZjI2M2VjYzQ4NWZiYjIzYjg4YTM4MGY5ZTY4OGNkYmUyYzIxMjZiN2Q5YWY1ZDNmYTZhMGI1NGUxNmRmODIwNDg4ZjYyNzBiOTYwNzlmMDc2MzE1NjliNGEzMDAxZjIyNDVlMmVhNTgwMjZmMjdhODBiZTQ5ZTM0OTA0NDgzZWU3N2MwZWNlNGMwN2JmYWM3OWUxZTdmMmY3YWEwMjJlNjNmMzYzMzM3MGZjOGRmYmYxYWEwMjZjMGMyMmE3MmUxNDQ4ZGU5ZmI3MzQzMzZmMzlhMTVmNjU1MTBkMDRjODY5MjI4Mjc3MzI2ZTRiNjBhNTQxZTk0NjVjZmJkZjdiNDg3YTQ1MjlhNjljNzUzZDkzYTU0YWFhNWZlMWUxZWI2M2NlNDRlYjBkYzBkZmQ2MDZlNzRlOTRiODBjNTQ2ZjYwNWJmN2E0ZTVhOGExNmQ0NjE5NjE1MmY1NTBiOGNiNjUyYzU4ZmQxNTlmZTNhYzZkNzdkNjczNTY0NWU3ZGZlYjMxMzM4MXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com&t=jsonp&c=wrtiwydwcnrdbbwe&eu=https%3A%2F%2Fwww--wellsfargo--com--6m49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=+4z1W6b9E7xPLUm1Mu9viTKb9YWbYW0NzCiTPjWslP9y28G7SLWYmQqqE921Cw2A; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
_abck=E0A6C39E89198C90AEF1540F20C5DCEE~-1~YAAQFE8kF7JNN3CIAQAABObKgwpTQrl97c23SRKgxkpOe8MwpvzeZ8AW3lIruZuKH7fCdYnkS5B2wQkhqt6GEF0/pOJAIPCJPboB2ZZNXMMq4hamlV6Ka8HHQcug1Yy+DZ5ZtQby/ByYJ7JSsFvYBRwWVEf4kLzGku0tpX30mRoj4O3eJz98ArGehHX8XblBx1TsxKk0o3VjwIOip0Adk2tXTgYp2txqC3T7AmzjE6xmPGLcLHMWLLR2cEVOpWQlKMWrMowl+DPvan/AXjJeWK85yiZ8Z87XVPn23tHvzWkQ5XuVPlphzQVtifWfMpVNMtChvi9hUiq70fWGmh1JApxjFTvvHhIhL6FcHHxlAcMKJEZc94PcEO7ejWMvQxvq~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:52 GMT; Max-Age=31536000; Secure
bm_sz=E786F90E42AB00D95562C8AF17DDB67F~YAAQFE8kF7NNN3CIAQAABObKgxS3cCoOdVSKHhDDpWebzSnENvTOsOALnYA7MKuOqTKVRlohTxKCtLB/QNtGsYP1BgiSjJEGAY5w8rQfl+o5692jqgdHisge0al4ARD3x4GLBNAgYsT5mrcHY3743/jwlfDVq/cJ3bmWhnYisS0TG3o9iT+xe2cr86Lae3p7ZmCYmFaAGwP5BIX9hMgUiUC3rWvSJjFqx5NWU/khV88KrBb5h+rY0ctTA1vdoZbmk1Hio/vAFY5zbkqqKprPHbBfFrsJEvsX3WwzIQYEzqt8+uCj6D9p~3225401~3687225; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.6208453477852186
23.36.79.34200 OK 137 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.6208453477852186
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136694 bytes)
Hash 403ca4da342c844cd574b9335047bb76
91a1b153328a9abaf84d2c7372539f8190012740
cddda11f9187e274d85da47489ac86e79e4b6348e7fd123a62e81b2de47fb3d7
GET /AIDO/mint.js?dt=login&r=0.6208453477852186 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136694
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=R7nlx1ARB93rGm6wfDPXlkoOVZKqOtLzgmxxos4isRLp55lzK7MWHfgM90gAAhBJ; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pid=a639a306-52a6-46ee-b6a2-ca5e94f7c930&sn=1&cfg&pv=2&aid=
23.36.79.9200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pid=a639a306-52a6-46ee-b6a2-ca5e94f7c930&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 55fa32a869669178aaebd69c4cb0a33b
f6c640e716d1517d88131cf5800c0aa90f61866e
8a9b3c822b3294cc23434b0a2769b55e46112bd16478dfb16c7f9965aab58e30
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pid=a639a306-52a6-46ee-b6a2-ca5e94f7c930&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 15516
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!VczkXEeSirmx9lEq/D2JHXmrrcNtC3KFRx+ovN1h20TXHGaeKh3Kv7bQReqJCtmDJS38xAayvDtQOg==; path=/; Httponly; Secure
DCID=uGEJOzPZmyrSzv8%2fHfWTfcqIL+KAPMraFa9FFz6jhuxkxHYF9WAJkauOY4nm9IEh; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ort.wellsfargo.com/securereporting/reporting/v1/csp
23.36.79.25 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: c8ac6f51-f737-4937-69cf-36796321a45d
X-Xss-Protection: 1; mode=block
Date: Sun, 04 Jun 2023 00:24:52 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:7bd8ef00-f003-4639-88d7-017afeeb6beb; Max-Age=30; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:7bd8ef00-f003-4639-88d7-017afeeb6beb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2; Max-Age=30; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2|d:2; Max-Age=30; Expires=Sun, 04 Jun 2023 00:25:22 GMT; Path=/; Secure
DCID=wgO663id468HCfOjsjL4nsuzk8HHnfMVTjEl24842BY%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:52 GMT;Httponly; Secure
_abck=84EEE9BF03DE3150FBE8D496D02FDA9A~-1~YAAQFU8kF1lI6UaIAQAA6ObKgwrnUJrIwwHwlSt1ozsDxyWjxYVF9RGDlmiKEeDpEfdZ9KxhayJxrGKPkM6EJYQdHtrtGrTSOKXyRn0LHk4Mt93YEwndrqALcRu6uhd+xj92gR9Zen/tve/aJI95pgCmhn3bRL1Z+IQqaP/NohQ4e4hPV9Se4BgelwmoJIAVec2tC4vwH+afL+wc7VQawikdZmxD7gmXIINRypKwUZLR22eVwL9a4LZkh3T5tTBuUw32eGAPCj74TBbJ7yosS0maqFiwRCIFwrKTBrGbxZqRc5qU4aJqdDtWFyCMYCwV5CWWbsaeQs5aiG9CtA9jbZOl1tKc61gBj5q3SLG7HFhrk52imqrl18j5u2sD3GjP~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:52 GMT; Max-Age=31536000; Secure
bm_sz=CDDA836ACD1FA9A437C2DFC5F7E5AAF6~YAAQFU8kF1pI6UaIAQAA6ObKgxSumiR/pSOPEYTXwHErcBolawuZaySd9aOic3YvYqX1jaOWuAJ/Ryug7gvPYZaOZ/AuzP2vSXUK0AgOvInMWtRGfhdqagIBYjAHEFm7oC9XWNIDJaajRpsWBGo7qYd+yEFDQmrthKWXmEPH65CBQS8oDz3qVM3MkHLW9NPbiTJw12D2xivluhsz7wBQ7Q0hcvAXGmgV7d5tckO3cyQdSqNq462vJMPwqFcikkvJXY0m0iZFegM8u1/oBBRT6bWTpB6y4Jwir1ezY8u+a+14j896+j9J~4473153~3162676; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.9200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sun, 04 Jun 2023 00:24:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Di+j2lQgUbqLnp9RUEdiug%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.32200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sun, 04 Jun 2023 00:24:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=SRSyRyfM%2fn4IyvtUFXbRAA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash e0fb19cb1b08c44a808fac3a31ab10cf
830cc5a0c9bf0bc0d19915f951e46206c4ce381a
754dde19b0101a28cf4a0230354ed78c2fda27d43a240ccae8cf36887cd7675f
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2048
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%2C%22_s%22%3A%22Rhtdb5N9%22%2C%22c%22%3A%22R2owRDQ2UVZCR2VrbUluUA%3D%3Dn9sE__yJSGI_xNt_FejnaoxvQxd9qpRQm76qWXmdtbsc78IW8VWTWm5PJi4bQH-2pQuYUtHZ43yjHaYE9a1JkauTXje8rBukTt4%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; LSESSIONID=eyJpIjoiZ1prQ1hqaUF0TFBWOGMzZldcLzRLMHc9PSIsImUiOiJMXC9zT1ZPZlpoTEdZanhaT0wya1hacXhjQk00bzB4bjVoeW9DUEFIamNwYm9cL1l5dDA0djNTRmIwMzBzUVpwZHBiTFl2emtDSDdmaDNIdFdLMStvbExjTFVObDFqaWFnYzNhb3ZGXC9oYkZwVXVnVWV3Uzcxd1dVZjRidlFEZG1DalwvclpINzBUeDZRN2w3bWc5SDhPRm1BPT0ifQ%3D%3D.b4b03a2f02a05c72.MjhhYTJhZjdmZjRkMWI0ZjQ4NDZiYTdlMDgxNGQ5YTJmOTNhYTQwMzI2NzIzNzgwYTA5ZTE5OWNhYzg3OTJlOQ%3D%3D; ADRUM_BTa=R:27|g:789f3feb-6d01-4ee3-966f-5a2a299b8c12|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:63; _gcl_au=1.1.1586007000.1685838292; ndsid=ndsaoeg5xhdey4rligolbfq; _ga=GA1.2.386252788.1685838292; _gid=GA1.2.1370102899.1685838292; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=R9VJhFfiFxDO%2f46P3EI+SdWuld8ECe4%2fGKICeelG5cI95ji%2fEc8BHovQ3ehaCkEp; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:53 GMT;Httponly; Secure
_abck=0888FB62D11D84D7669D8512AD0D7435~-1~YAAQjtAXAkH6SYGIAQAALuzKgwrXrctuqlIKl7VZRHyIHccmnzraDAgO9yajGzZnjIOT2Yuz5QDdt+rvr9uhSwjc/Oi0zApX+gAzmBKft5dKWIrD3ziwGJ+cHydoCdTsKqrG0vMfqYsF3OZo+kIsbLh00YDpOe1+m8dstPPlQ/vrBK7M+uCwrzpKBZRxv/ko97kRhUwxzh75xiv6sx4SuyfYI93fQYpTgWStEyvDHj+k4LKZxrxS+TPBrjtrh4r1JolphRbWkXxeruSCTBJCNc0SEnsmpa8wyIAP4PxKOsAWzV3XQ332b+5dOlm5vdy2rhwQ8Euj9+NeOFYRUjOGUoybDuqgTpiygW/v+VpgdPo659mbAe9d+ThR6kjnM2VF~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:54 GMT; Max-Age=31536000; Secure
bm_sz=BF85069A4699ACFAE99D0ED2A445BBE4~YAAQjtAXAkL6SYGIAQAALuzKgxRguWGIovizF95U8wjIQz44uafvYJIHBIvaW3bQ0WomaLKukvN41z0Fdl7XsZ+fqIcW8MpckoypwFxKDBig1SPJV6L1Xl27A8VuHL0OPArD/aL24rpIdcAq6LVpnwMRwnq6PRtrfIsox9/Gu5UksBgWnIpGJZACyurApx3gUemQWEuboaxek1RtldJaPQ4g0W15eAi9hNXYo3tXzpJMUJNO1URUizJk7lv8afSSrnl/pnaG/wsSH6vkRstFM5W6z64uDDsaL87fLcQmYVnsV9c+0O/j~4473655~4339510; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:53 GMT; Max-Age=14399
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d5_kf175_11914-37408
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 88b30e221fab8b33a73d9fa9bc7033a5
39c540ad96b6da5c12c33dbf2d9c8c083c8e8f0a
6cdd46abbe07c1e2baa75ba2220c586208f45ac6bf88f965a7fa6fd2104eb379
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%2C%22_s%22%3A%22Rhtdb5N9%22%2C%22c%22%3A%22R2owRDQ2UVZCR2VrbUluUA%3D%3Dn9sE__yJSGI_xNt_FejnaoxvQxd9qpRQm76qWXmdtbsc78IW8VWTWm5PJi4bQH-2pQuYUtHZ43yjHaYE9a1JkauTXje8rBukTt4%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; LSESSIONID=eyJpIjoiZ1prQ1hqaUF0TFBWOGMzZldcLzRLMHc9PSIsImUiOiJMXC9zT1ZPZlpoTEdZanhaT0wya1hacXhjQk00bzB4bjVoeW9DUEFIamNwYm9cL1l5dDA0djNTRmIwMzBzUVpwZHBiTFl2emtDSDdmaDNIdFdLMStvbExjTFVObDFqaWFnYzNhb3ZGXC9oYkZwVXVnVWV3Uzcxd1dVZjRidlFEZG1DalwvclpINzBUeDZRN2w3bWc5SDhPRm1BPT0ifQ%3D%3D.b4b03a2f02a05c72.MjhhYTJhZjdmZjRkMWI0ZjQ4NDZiYTdlMDgxNGQ5YTJmOTNhYTQwMzI2NzIzNzgwYTA5ZTE5OWNhYzg3OTJlOQ%3D%3D; ADRUM_BTa=R:27|g:789f3feb-6d01-4ee3-966f-5a2a299b8c12|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:63; _gcl_au=1.1.1586007000.1685838292; ndsid=ndsaoeg5xhdey4rligolbfq; _ga=GA1.2.386252788.1685838292; _gid=GA1.2.1370102899.1685838292; _gat_gtag_UA_107148943_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:24:54 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=s6Dj9gfCsUp487isliZUUIinmyMLyBZ9hoiW8Zkxg54%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:54 GMT;Httponly; Secure
_abck=3AD690190262B2888B05CF0A99F5CC44~-1~YAAQjtAXAk36SYGIAQAAIu3Kgwoe5f7NMJyGXR4cDf9Fs4aTVjjB7U4Wt5PW20J+xmF7dz8gmKofp96shE0J6/BLxRTJNyFRys/t5NsnszrB6GGX/dQnaYa4kUONt0UiNfVm7fTFxq6LG/EkrNRhxavvhGlsebumbPRMmJioDMwJVPYh2M2d1I3/Dzl5qw0MeEmtwqLfYxnSI+QUuic9JMFrkKfwUtmrkGSZKqF2imVHDKVSCE+q1YTa2uGwE3ppEi/zfRiO6MDmIgvJkYSQtbmvnp60iTlK2r34qfbKxzMtIOpkTFuUhVfpssNcK1fncccXwfeHPH5ls5YJH9ICPfUeUEPUOslihg69P0umIWOTX/8rKPfriuZ78ryXZOrw~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:24:54 GMT; Max-Age=31536000; Secure
bm_sz=7F53A7D735C318F0B0C274F588783E24~YAAQjtAXAk76SYGIAQAAI+3KgxRqCKL26BM0hoJ3lQ0jRE+89EfeJ4Dxw8AV6pbfeUAaugRVbY8IM9pBeJ4cx9NTpUlhEuO6WzEJG9Wf61bzXJr6mrOrNuNP1cflW0PiydkMnhS+7CvOkWSmst6u5wU5pXMoIe28RAzceDbTKX4A9bhdtw1oRCIoXy4X9u7NP3BlydXJUsNV+LuuD3z/tE/4lWZ9jzRrrcFM8jcSJSoZFhRYN7Pxs9p43WmlNDJDpfoZ2QXr0hhtrosd0XLSNvznucPdiwDxffI81rYgHRDNKlX1QD3m~4538936~3354679; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:24:54 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9d5_kf175_11808-33651
www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--6m49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--6m49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!fNzNhERzlMl9cDus0q/LsATxthJGHnJp80cpisYkRe7EC3JfYGxfThQFXEMtO4aKaRHnEy9us2Uhss0=; utag_main=v_id:018883cadda80059d573359b4c3c05046003700900918$_sn:1$_se:2$_ss:0$_st:1685840090950$ses_id:1685838290345%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTEzdbNTlDTF8CmqqSuSoPhnEMO4s1eJsgJuiA6JrII%3D%22%2C%22_s%22%3A%22Rhtdb5N90irPLyfYhCcFmX7%2B%22%2C%22c%22%3A%22R2owRDQ2UVZCR2VrbUluUA%3D%3Dn9sE__yJSGI_xNt_FejnaoxvQxd9qpRQm76qWXmdtbsc78IW8VWTWm5PJi4bQH-2pQuYUtHZ43yjHaYE9a1JkauTXje8rBukTt4%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A20000%2C%22diA%22%3A%22AdXZe2QAAAAAXhwGzpmL5pmluhBNxY4O%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22fr%22%3A%22HsyLouw7Eh2zeo9LhqKNhw%3D%3D4QJzPIqYQxkMdHasQWNf7woDKtYQg8Fr_Mbnbqv3WoQHGBUiZvsgcZUdrHMUQXb_G_8E1iRLEH1s0XXlXQYqAQAeh6mg15ChLZLtO2RTCdUcC0UBFVRM4yHfRURbOJ_lD3mx2qRpnPR5JwhSj_XVBsOcl32Ai3Mdjo27tT5uy14a1JAE9ksQdTUc%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAvmT5xav2XsF9kw%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C90700398487066544617717135067189355370%7CMCOPTOUT-1685845490s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; ISD_WCM_COOKIE=!lIAkILz/tb9Gnr3z2xKqB3cO2dndHhbcup5Q/OPazy5YziA1z2qwggDsJwLGp/a4kbrELxwXfu7LyLM=; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; LSESSIONID=eyJpIjoiZ1prQ1hqaUF0TFBWOGMzZldcLzRLMHc9PSIsImUiOiJMXC9zT1ZPZlpoTEdZanhaT0wya1hacXhjQk00bzB4bjVoeW9DUEFIamNwYm9cL1l5dDA0djNTRmIwMzBzUVpwZHBiTFl2emtDSDdmaDNIdFdLMStvbExjTFVObDFqaWFnYzNhb3ZGXC9oYkZwVXVnVWV3Uzcxd1dVZjRidlFEZG1DalwvclpINzBUeDZRN2w3bWc5SDhPRm1BPT0ifQ%3D%3D.b4b03a2f02a05c72.MjhhYTJhZjdmZjRkMWI0ZjQ4NDZiYTdlMDgxNGQ5YTJmOTNhYTQwMzI2NzIzNzgwYTA5ZTE5OWNhYzg3OTJlOQ%3D%3D; ADRUM_BTa=R:27|g:789f3feb-6d01-4ee3-966f-5a2a299b8c12|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:63; _gcl_au=1.1.1586007000.1685838292; ndsid=ndsaoeg5xhdey4rligolbfq; _ga=GA1.2.386252788.1685838292; _gid=GA1.2.1370102899.1685838292; _gat_gtag_UA_107148943_1=1; _imp_di_pc_=AdXZe2QAAAAAXhwGzpmL5pmluhBNxY4O
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 00:25:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=SvugLwWrnmS1vI+DmGXIm38cHGg2Rp0foin1TCdD8Ho%3d; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:40:01 GMT;Httponly; Secure
_abck=22E4FCDFC79A377AFD22A05953F5411E~-1~YAAQjtAXAsb7SYGIAQAAMwjLgwo15vFCsOrRyJ9E5PD/5ekrq54sAZiz5wL1YrOP2DaqgckcRiMPGBTncaR9xlzffR/97H7Vm4Gj5J3A37cT9l4nwETSEC5+MPdbohdpzJeuqmX0dO4TPR6/veD0Sba71m2oW0lC2ZK6AugiqiRp9rUnu9k+QosDvLebl0PTJgnR/JX0iwEaZKcjmgaJ27dKCF/T+HkNfwR9sYYk6GH8mbtEmJjbpeJgYknfNsRUV0A2pTjlTLkYwkc5Jduj3FBxj7EXNjL3CE0U1PZ//mdZKg78pA0MhgpvpfTT5bbmPLTAy8uXCi9C9wRDY++af6ARX7VSttUkdxCyrpYwkAT9Q18VvzzTfmI5qxwNjo5x~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Mon, 03 Jun 2024 00:25:01 GMT; Max-Age=31536000; Secure
bm_sz=922D745AF0B6D71BF12910A1BFE1E938~YAAQjtAXAsf7SYGIAQAAMwjLgxT8fX8WdNal+bvlqzEJmycLgsgF9O/HM6XYZzdOIBmfGWO6TwhdnmOSYgPjdQ/lYbEX5qdM2YkLPzqL0NdVuAtfG4ar+YzTPsWZdImdAnKSmJhH03e9GEFqiODuuq35TBrVl2y0G4ToZ+Tl+P8Oa2LGTMVDcVmmdZU5C6kZwBD14ekAu3DpwWlWW2okYuwqwE+2L7BkDLCuoJEINzPgy1Z3kzwbEQOZIDY5V4fpfWe+tW6GgvTMJIRTKHz0rh4ytZLIi4gwbzkRpq0C4QN62J7v06FU~3359025~3748162; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 04:25:01 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd9dd_kf175_11914-37578
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
44.227.151.146200 OK 190 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
IP 44.227.151.146:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9894b0f8c5e7859c366eb7a6aafbe46
07d8399c7f30bac9b6d4cc8d6da6deabdb18c4d0
7910d6f31a59d1cd176119e321cf822566adcab6dfdff1b741d66666035d034d
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:24:54 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pid=a639a306-52a6-46ee-b6a2-ca5e94f7c930&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.9 164 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pid=a639a306-52a6-46ee-b6a2-ca5e94f7c930&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash b28858d34faba919b11b2cf30e891d60
42b8397875528e1392852e5d8aeb0c4d4231a5e4
78fe28a0fb96d1943aac9ab25ac83c89dbbe942354982d9d77d039e40c668b4d
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0&_cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4&pid=a639a306-52a6-46ee-b6a2-ca5e94f7c930&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 36505
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=5697450e-358c-4e5d-ab95-f1c9864d4702:0; _cls_v=fa17a83b-e664-4ea0-8b42-46a17f88aea4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sun, 04 Jun 2023 00:25:02 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!JxJDgABQYp+JR6sq/D2JHXmrrcNtC9it/UnzJox+el7dBYQn/68b0lE2SchL3ChJJ/F1pncUi/4MAQ==; path=/; Httponly; Secure
DCID=2DrUPf7tOhHYBQSMUgno4%2fV1bv6eh9fmr631gzIXLCu4Xkr8XrR0ZijYuv2QcQbV; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:40:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.227.151.146200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.227.151.146:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 629
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:24:59 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:953abf83-3fac-4861-82bd-e1a356abdd0b; Path=/; Expires=Sun, 04-Jun-2023 00:25:29 GMT; Max-Age=30
ADRUM_BTa=R:55|g:953abf83-3fac-4861-82bd-e1a356abdd0b|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sun, 04-Jun-2023 00:25:29 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sun, 04-Jun-2023 00:25:29 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sun, 04-Jun-2023 00:25:29 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:1; Path=/; Expires=Sun, 04-Jun-2023 00:25:29 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
23.36.79.24200 OK 1.0 MB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 1.0 MB (1041699 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sun, 04 Jun 2023 00:24:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=dwDZn+DGwGLCMAHlq7nDeXWPDAs0mTL9T7ApAM8mZjz6R8I0bEOJCRFke5UekQ2E; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:39:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.227.151.146200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.227.151.146:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11285
Origin: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:24:53 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:977c514a-129b-4e9b-bf4d-9a5b4b877d4d; Path=/; Expires=Sun, 04-Jun-2023 00:25:23 GMT; Max-Age=30
ADRUM_BTa=R:55|g:977c514a-129b-4e9b-bf4d-9a5b4b877d4d|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sun, 04-Jun-2023 00:25:23 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sun, 04-Jun-2023 00:25:23 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sun, 04-Jun-2023 00:25:23 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:9; Path=/; Expires=Sun, 04-Jun-2023 00:25:23 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
44.227.151.146200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 44.227.151.146:443
Requested by https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6m49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:24:54 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2