ocsp.dcocsp.cn/
47.246.44.229 471 B IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5383f39cb41709ed1e5e9632b0a0698a
038f5b4ac770fb2bdfdf5518bce0dc60e3f40443
016dd647ae0bca643ee73a847d8413e649ba65bf6153512c8c75b9ada22eed20
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 05 Jun 2023 11:22:44 GMT
Ali-Swift-Global-Savetime: 1685964164
Via: cache21.l2de2[0,0,200-0,H], cache5.l2de2[1,0], cache3.se1[23,22,200-0,M], cache3.se1[25,0]
Age: 1744
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 05 Jun 2023 11:51:48 GMT
X-Swift-CacheTime: 1856
Timing-Allow-Origin: *
EagleId: 2ff62c9716859659081945184e
www--wellsfargo--com--u949329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash 48152fd4dd3e972bed7f4d4e68b68340
85e2a99571d5ce66689e19674aa7983ca049905d
827dfd9f08d3475d2b6e1283f17e80da41e3dd951d6841f3e3fef8acbd7ba039
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:48 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18837
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-69e226d6-8cb1-4b86-97d0-f2cbfc50041e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18772 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d; Expires=Mon, 05 Jun 2023 11:52:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 11:52:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 11:52:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Mon, 05 Jun 2023 11:52:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:85; Expires=Mon, 05 Jun 2023 11:52:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306050451481578386368; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 11:51:48 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; path=/; Httponly; Secure
DCID=3WGIR5xa+0czSqTtekt27RB9OReZLdmRP4E+l0WDn8xd7IKmskybvVz7nWxHWf4R; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:48 GMT;Httponly; Secure
_abck=C032A1A63A6DE142E3F5CCA558A64ACF~-1~YAAQjtAXAgUR6IqIAQAA0ypmiwq6qXscfm92UV8b8asXAxWBR/4d0ali04TUUt4+x2QPJd95beIyDr/9kANRte8QggG5FuFJM/lZXYUXD7+w6VBc1v4KSgsICUbhZo0brDcJHeR2CxukYKhayxlxlyzDdUvAAxd+DLGpCr81JTZA+IQUe3eqzeC9kyHkDS4yGNdKo9XOcoKl7SNmBjj2OJQSIbY5gmrrQEjY1Ih2xSjqQ4IA3FzEGQuQfwC/owZvqohPgkL+u0LnD/BwnrbYlIKzljMg9JW9QGatw2BXC5y9V6zqpDx7TRdMYg9B7OFlg1cyH5IiVum59gFu5Hbq02iT03FUOhFU9WhWKbFKl5KKp3OaiyNru+UvSbnol9Bp~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:48 GMT; Max-Age=31536000; Secure
bm_sz=8241BC80973F9050C74124590FC526DA~YAAQjtAXAgYR6IqIAQAA0ypmixRBucL7x71aZmQGKDnWBsLaHpKZZs3NrbmhcJfqOVSMRxbhuFetW2qqw182sRcgJ+lzaHGAoi9OwuiOtKU3wZuJ5l/OmvtZUoRJ75tfi5kAdxkm0+vHiVWujxlG5duuVicqK+GUoKDUYS57rHYHgndyzId+fx5fakcj8zyvvKn52ACjidN0gLFZES4a+uRytReimdcNFcd46uMEEMvt9wtQDujQ7hWOh5SrNQcfEQJ8Sw5dZNzEjQftDu/nsgLJ7B85U/PSG9WQSwLKDqS5fFZN5EFa~3228983~3224372; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc54_kf175_11937-23413
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=912990
expires: Fri, 16 Jun 2023 01:28:18 GMT
date: Mon, 05 Jun 2023 11:51:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=913012
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Mon, 05 Jun 2023 11:51:48 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=913199
expires: Fri, 16 Jun 2023 01:31:47 GMT
date: Mon, 05 Jun 2023 11:51:48 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
95.101.10.152200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Mon, 05 Jun 2023 11:51:48 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=FLYmqQvB2jLu91F++SQpRQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--u949329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Mon, 05 Jun 2023 12:21:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11685-64056
www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 76 kB URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 0d61b4e4742d5251c44efcd5d8166a2c
04189d5a539c1cc84fee87994097919000f3434b
c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/javascript
Content-Length: 76203
Connection: keep-alive
Stored-Attribute-Sha-Checksum: c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Last-Modified: Wed, 26 Apr 2023 15:12:26 GMT
ETag: "5b60948dc39561fee36fa77d7eef5047a16cbdb8b05e43f4f2fbc918f19cea08"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=JXLi5Cs%2fsPJLQx3a8fbUwQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=C9DC2A03930CA4872D99DD5A19B42124~-1~YAAQjtAXAhwR6IqIAQAAOCxmiwpt4K/pd7HwK6/3H+TIyDtWX8puzLelUsDKADi0e95P0Vp3wpFBv60QXIbBt2Jrrgss4NqTUxgfx5ICQbHWljRo8kRar9Etl/p+P0KIxUTJCy8ZaWxND59/Dco35TfxMIIKHZfGLgy84WScFLc244igbjrwC/mx60Ro1kBOJYleApEGqAdQWyDbjVBthrxAFmbhs9BacF15nvE2+FDt1RXotywVIPUPU+rqB9NfwhSopmUPW0SmKVW85L0CpAtlxM9ibijS/+jxkU4/pB51lNwrjAGZov6NJRldivh7IU0URGs12YD3eWJNZeHoovHLRePkviZ0cht954jgaI92sjNwZSW5KHQBsCsUQpw8~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:49 GMT; Max-Age=31536000; Secure
bm_sz=82ACF5DA4430AA20A97DD3EEB57403D8~YAAQjtAXAh0R6IqIAQAAOCxmixSK6ut+V0zI07kJx1jRxN2b7YYHTIZwFaRj26X6nHrHhoaZJD0joLwcO+Cz4O2MEHMnACHsb3R4TagtwgXNJQx1DswgD44wJtY0KpbShrS8mRs8lzw2YH8LULw1z5hsmkw9bhNfHj/dP4jo8+WjWJXW5vVlL9BXZR5oGbxwbDbf6rxkju0mUcEufamerNTMdWJWTgzXZTG7v89uwkAcxjMMuydvbO7G1MT0tqlI70AIQ4lIsn1RcWDXE16MzwhT6RJuzaKJTJcX7sOCxnIgh0YdUaUG~4408121~3688003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:49 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11844-59618
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Mon, 05 Jun 2023 11:51:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=VwXlbwlCEeiNLRWHUKx0gA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--u949329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash bd5734b016814c00693b5fadd4d9389e
4ffb5e0cf7026f1a9f2a5d2dfd50ffc44a26e79f
7205e24e8ec7d9bad7384c6723ca2942091be3531adc10b49f512eb10e96ee7a
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4282
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 11:51:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=AxQsZouIAQAAUIWLGPXOSLddToO3xTGJ0CzUYPy7frGLt013RHLMEFCtl_N8AaOrhK-cuNk0wH8AADQwAAAAAA|1|0|16a582b449dd7393a00edeb70e8ffaec4e09bbe1; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=TrW+3VpFNehXetwEW215KsG%2f09lWFb%2fw6lhpJdW3cEQpk2wAZ813LF%2fbXG41uO9V; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:48 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc54_kf175_11937-23428
www--wellsfargo--com--u949329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Mon, 05 Jun 2023 12:21:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11777-60013
www--wellsfargo--com--u949329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Mon, 05 Jun 2023 12:21:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11820-62041
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15521618
expires: Sat, 02 Dec 2023 03:25:27 GMT
date: Mon, 05 Jun 2023 11:51:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15525500
expires: Sat, 02 Dec 2023 04:30:09 GMT
date: Mon, 05 Jun 2023 11:51:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15417788
expires: Thu, 30 Nov 2023 22:34:57 GMT
date: Mon, 05 Jun 2023 11:51:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15526382
expires: Sat, 02 Dec 2023 04:44:51 GMT
date: Mon, 05 Jun 2023 11:51:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15417792
expires: Thu, 30 Nov 2023 22:35:01 GMT
date: Mon, 05 Jun 2023 11:51:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.32200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Mon, 05 Jun 2023 11:51:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=mHh89oDr2PAqDgj%2ftFodCg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2875
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=y3zbPl7Mpf0oME3kgqPjsQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=y3zbPl7Mpf0oME3kgqPjsQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=3F4C89A43DA7F7BA981352F254CD0AFB~-1~YAAQjtAXAjAR6IqIAQAA4y1miwok6POQJ32y+vBXnhp7pb5+N95EVNXuwTOO3OFIhojTBBuxlVwEC0SZ5UAVBGVlAt2cEJHHXGfp0lgAApHslhjyF/hLmKtPWUO4zbzkaoL5jO3TGiJy2/y7ar2tn2ugXuTg5qViAPGYTUVy9NS9VMYUdN1FR9xwqZW6ab8LVYSSrtqlOTPX2/pvm5VRDOH4VvJQkLbAkgqhaX6LvTf7dYMU6tIcSkh8hiqc0mhtfRJZ4jt5/UPFmvsSN4pKSgQGHMOTjW/id5J1kkL4OBZEyqj6UbcSu8Jx517MJTEe0Vy+4yBWROdyI8K/lDy3mgi7KoPuFOT3CSrsTBevGbVk6Tn7JFjsy745AsS2xmPj~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:49 GMT; Max-Age=31536000; Secure
bm_sz=028BCEEA2869CBDC92114BAA7F02ECF4~YAAQjtAXAjER6IqIAQAA4y1mixTortSiPmiYxE66bIJUlcrnMhO2lF0faSNpylbfWeDlvsNYEpL3Cq0dH5nqCuBymZpTJwOfZJDFzHeuI9fMsEcLNVr6Li7OKbc2qRFRdiD8vWIaZtZWXuGLJJS3sxVFIkqGNQ71MRJT325clQ7CGpQ6TWjGY/OMajlBkYkfkYwJeazzqzyPKDDv+Q5hCqnGvVpZO1a2vhBlIW3drHn2L76SWoHSq/57QQm7xHZuHdMgj6mEjR3VKDTCRKoMMu2k0wjEOnI0x5kGh/nu6+sZNDnYWKUE~4408121~3688003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:49 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11820-62046
www--wellsfargo--com--u949329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMAyUouIAQAAwUGBVFCScsYuP_-nqabqWbpCXhSY8wNReLwnA6H9e9fS98ZX&X-G2Q3kxs3--z=q
163.171.132.220200 OK 149 kB URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMAyUouIAQAAwUGBVFCScsYuP_-nqabqWbpCXhSY8wNReLwnA6H9e9fS98ZX&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 149 kB (149089 bytes)
Hash 98f5628836a3a218b444b4b4583d16ef
7269b9a84adf14e0e04a4aa68879feb800104bc5
d18f477f87a549032d555104bbfc622fe1a553fd32e8647ac53e702518c81e5e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AMAyUouIAQAAwUGBVFCScsYuP_-nqabqWbpCXhSY8wNReLwnA6H9e9fS98ZX&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 11:51:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=Az4tZouIAQAAPSc0wzfOVShjA-YeQWN7EOxThfAZjJBvg2VHukrPAaA0FZ44AaOrhK-cuNk0wH8AADQwAAAAAA|1|0|30e244f789ffc659dd47417f2c9c4c30a4a2b300; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=4uEfqWCndziZ359sn%2fQZGQNDpvA9HSb62fwIiSmWgCIyEgw7jHmlxTIeLd51HkrA; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11844-59621
www--wellsfargo--com--u949329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10640), with no line terminators
Hash e80100bc10ffeb4cc39398cb5f7dcae5
b2c6a49dde30629bf248f2af050d712f65fc7ff4
eab4682ed790c06b6d972d38d4a067cc7d677facb73c6f8edf40ddab735daa1d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2120
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-4b20e617-c702-47ab-8f07-05f3a6a69b0a' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:85; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95; Expires=Mon, 05 Jun 2023 11:52:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 11:52:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 11:52:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Mon, 05 Jun 2023 11:52:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:150; Expires=Mon, 05 Jun 2023 11:52:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230605045149134947901; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 11:51:49 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=1F06986C79A73484F5B2E9AF9FECE370; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=U19TLHIEplHD1iZNWXzRe34LnQdLhlA8xEtB1wUZ5lci13EVGpqKXz+Z5b+Slb2p; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:49 GMT;Httponly; Secure
_abck=69287423B3E4CBCB6B28D1411D7741AE~-1~YAAQjtAXAkcR6IqIAQAAqi5miwrOj3Zpv/m6jDLFtnhbiQtL32Fvn1677kvenG0b53IOA8APHSTLZ+bl7z6lS/mpg2P6T5Y07pFQEDj8/CHOzPej3nB8ct9yvVuvCEyP9XF1veuFUtnkDHT7NwpNF1NYHVOq2s8IS+E8N628JL9jKxoRv3024SGIxrisnaiY5SE2MyfHcbYDnjuAAH1jxcGG72xefmu/pb2n9pnlNBUmMO4uQbCyJrJzilbMyEcdsdq0o2HzU54G3qQWnJiiXrpz1pacS+gZknexWCDKRhWyxiolvnlZk42tDaQIWEgIxQ3YPE1P3Z69Todti3U3uCzERSdZ94RrBg0o99i3d1YHlCAKikKjYS7sJhlkXnb3~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:49 GMT; Max-Age=31536000; Secure
bm_sz=AD8525137A629B26F480A7901EC75CEC~YAAQjtAXAkgR6IqIAQAAqi5mixQIIekZAfznLBmOCD/9PaTArr0wxX0M4fltGtnThYxsXgLvwEZLCybDQhfhXcd5w1+RSW7LxZtlYfehslneZho5BaVRhr9++1jnc16Y6PFhyVnj+mPZDgAoy6c2Ylyiq0NtPGvVUhgyl9dU5n2yehXLqVQVqK5UbmujhFp12AAaUqH/rW8HO3Kvz9RjgwwfKuOnKnbqHYr5d+9IyiuOL3r8ZRz4XFqlfIYo4WY7jG7QXJW7n4CXuk5dJVhzN+iUtHLQou86Sz/vCOPZ3zjeL/L49n5T~4408121~3688003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:49 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11777-60015
www--wellsfargo--com--u949329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6f02e744-aa59-4ffc-a029-760afb47f69d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:85; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 11:51:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=pXwH5nNcZah7+UM4Yw0yaZX7l28cJ61s6NCRa8ZK5ShZekcqO83t%2fbjeAKmsTAHS; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc55_kf175_11685-64075
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=59025
expires: Tue, 06 Jun 2023 04:15:34 GMT
date: Mon, 05 Jun 2023 11:51:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=913185
expires: Fri, 16 Jun 2023 01:31:34 GMT
date: Mon, 05 Jun 2023 11:51:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
104.110.27.78200 OK 27 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 45a212ca9acc61f0bb2570fad9b1ef6d
0766da6abe3d736412ceba81a699a55110feb6b5
99dade4264e8d662c215bf128f8911bf7e53123d661d9783c0a4260970fd51fb
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505838-e489"
last-modified: Thu, 20 Apr 2023 01:30:25 GMT
server: Akamai Image Manager
content-length: 26587
content-type: image/avif
cache-control: private, no-transform, max-age=913091
expires: Fri, 16 Jun 2023 01:30:01 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
104.110.27.78200 OK 16 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 093dc61fd7b0036526bf39ae69597887
a27c677f83b0554434422c99b5519ace95ddb23a
f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4a-ce5a"
last-modified: Thu, 20 Apr 2023 01:31:11 GMT
server: Akamai Image Manager
content-length: 15941
content-type: image/avif
cache-control: private, no-transform, max-age=913024
expires: Fri, 16 Jun 2023 01:28:54 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
104.110.27.78200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=913011
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=871472
expires: Thu, 15 Jun 2023 13:56:22 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
104.110.27.78200 OK 44 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 9534a04615e76afcd0a4dda5cdf8dd7e
516d3a11907386abf70170a54409523592c068aa
d7579baa6c30dad3cc501d73364183349ac085fcfea7c2af16aaa11532bc5907
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505837-def7"
last-modified: Thu, 20 Apr 2023 01:40:39 GMT
server: Akamai Image Manager
content-length: 43802
content-type: image/avif
cache-control: private, no-transform, max-age=913772
expires: Fri, 16 Jun 2023 01:41:22 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=913057
expires: Fri, 16 Jun 2023 01:29:27 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
104.110.27.78200 OK 2.3 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 3ce78d6dc48322da6961f79a42940dab
528dce02a84b67925d3e41632eaa418f0de7ad23
a137906477e02c4e3a756f805d90072a0c2e5c0d50290f0932de573ab29de76f
GET /assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "641a0e62-1da30"
last-modified: Thu, 20 Apr 2023 01:31:14 GMT
server: Akamai Image Manager
content-length: 2317
content-type: image/avif
cache-control: private, no-transform, max-age=763698
expires: Wed, 14 Jun 2023 08:00:08 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=913140
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=913136
expires: Fri, 16 Jun 2023 01:30:46 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=913324
expires: Fri, 16 Jun 2023 01:33:54 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=913439
expires: Fri, 16 Jun 2023 01:35:49 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=807929
expires: Wed, 14 Jun 2023 20:17:19 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=913152
expires: Fri, 16 Jun 2023 01:31:02 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.34200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Mon, 05 Jun 2023 11:51:50 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=B; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=GY4LY+TrrsVWtahdfs0vXPLflBl2XHS0vXikYg7y5cJEyuU7Xh8%2ficSTCt%2fWfQG%2f; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:50 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=913014
expires: Fri, 16 Jun 2023 01:28:44 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=913140
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=913016
expires: Fri, 16 Jun 2023 01:28:46 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=913297
expires: Fri, 16 Jun 2023 01:33:27 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=913034
expires: Fri, 16 Jun 2023 01:29:04 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=912982
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Mon, 05 Jun 2023 11:51:50 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2155
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:1$_ss:1$_st:1685967709331$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 11:51:50 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Yo6AEr3XcJXQhsDf4LAsdw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=Yo6AEr3XcJXQhsDf4LAsdw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=63AA0DD9FD1AB9300C376DF13957F688~-1~YAAQjtAXAlsR6IqIAQAAMDJmiwq6Jjczvbdb8rthxJysw/unzhroO8GzNZ5XIecrtgOVvvLtV0iZrsDBo3hQAYOe9gybGLY7dLQIJbHOzdtMDi3YdTz8vsJbEcaFUHWwclW23IcDdkz3H+S1OGmnB+PUEzJi3UhYWXOU4rgcSc4eLvbkCCqKLhxBSGKFPSPClPRyfmDShiRw6DTI+fc+05BCYPxgbz0gN+rn/0a9tNSq5ZvgGn2fjrYeWDy8YMQUTQNwzr/WSxWgrmTuNWI5TQmyjje7N2idBN9X1xufyPOS3v3+OwnAG66ZZhd5Wkdb14e1lCFDLuUsNhmvgoXXdvOp7vHW8olhvS8iw5TFmvj8DNmAEromQNaThfKIudur~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:50 GMT; Max-Age=31536000; Secure
bm_sz=7A50FA01773E727A9518EFE4A573DB97~YAAQjtAXAlwR6IqIAQAAMDJmixRHZuIBZ0B4I6kCvXo2NI+7sQP9bMeNB/yHoSVisE9Udt/bQLH/JND20vziF9kyDg/HQ/XI7BZn/YPrKmnSmkDEiUkn2x0+kGNu4o9O033tRuHGrNT8BbUkpUDMa5GZ6jmcYfQEshOs1cGr7g9XyqURTlULYl+E6xYFsv0KAeqrgCH0AS5mvUb6GOMY+n8O4UKW7GIywhEwEKvyJsYWBKAfn7rWEAlrA9nKJhKOyzDi6VnVVrakO8IylM2g/Zgf15ybJlxwKTsAy2qOs3UlrEIsTz1V~3289924~3229239; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:50 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc56_kf175_11685-64105
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.34200 OK 152 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 152 kB (152014 bytes)
Hash ed228080a9a160af8dfa8756995fbc47
d2a2112e834da539756c4358efc35f5c6ab4ba35
c4857daf680deb944782575d12852db8bd80bfb881c9ee34b28797a191b37040
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 11:51:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A9IxZouIAQAAFeuuYhJkMLIDHkF0SJ77QHxcVBKM-3t6KAhmPzcBttQGuKlwAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|658af657d7479e04bfa062bfb3eda0ee8520640d; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=vzBHO7hdHphUIuSI9VizjUS%2fv8TqkMi%2fpoFBsgDC661awkYO%2f+q31gpPMNTIyH%2f2; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:50 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.32200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Mon, 05 Jun 2023 11:51:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=3WxcTchOPJEHRg+8WHR40g%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
95.101.10.152200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Mon, 05 Jun 2023 11:51:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=S1ArDAj8r8k9tMrvLl4ZIg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2874
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:1$_ss:1$_st:1685967709331$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 11:51:50 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=GIYvq9luS8kz8qZSFO4u8Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=GIYvq9luS8kz8qZSFO4u8Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=53698627AAD4CC9813DFEBE869473041~-1~YAAQjtAXAmIR6IqIAQAABzNmiwqtDGMRC8mvren5XSW2dynwuqdPoBkg9+Ro2/E81eQnZ0jXVAgyEi3ukvjYJ5eVUsblhjUoKJOFp/Mx+R6vymcVY6hfigvzPOY2JMM4Vae4t9hQBQMCgPaZIYP4fgfgrqePJWTD59pR7OzHcvn42fiht7W+/aZMNCTNjUcznHFHmGSZT0FhLd1sZe/jWg20bui93Vm3Xn2s8cqHzOtT0q/yIh7GhGLlzPiGXNETcvWG5dBgmt7W77KavqJRnINYqunMwWvNhDh7p8vPf2TtAIsu8mT9f9D/Ixxt8OO7fNwfOR3PhH3NWk8/CpyOBAQ3zNMR/HuVXu9DVvQMfWVd/iI4f4OAppngQerPIfyb~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:50 GMT; Max-Age=31536000; Secure
bm_sz=20C59BABDDEAA6FDE3E00E1B223F01CD~YAAQjtAXAmMR6IqIAQAABzNmixSXpOPeudbNMOwnLQKgV3KysWZOfesjeBGx5vvHuk9rvhG4FRt0phKs3dJEvSxKGrKKyb1x1kmwq8NRqv3prfBypn32tprnWKYFBrXxvvr51F7OY8f1rsTGv/KrZfebobH2BNat2iv2lF81F8B63aIY3AB7d1+QXnYZYVaeZdUIApmAExf185yRVs8lRhmE02byRixxbQCwAZuOwUzwIG4dfSeeLRrKJYhE4Bx9JkhIImo5tJFP9kX9bmA/uMJP/tBSanfhq4/Qzq3nElfuZLThOg2h~3289924~3229239; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:50 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc56_kf175_11685-64113
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 11:51:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=CetR7F2wUv1zhtYRFFiOSg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
23.36.79.34200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 11:51:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=eMHu20guwjEKzgI1CzgFsg%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
23.36.79.34200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 11:51:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=owstbLIWpDYQE7RrkcgI%2fg%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
23.36.79.34200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Mon, 05 Jun 2023 11:51:50 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=F2cjTh9OO%2fLBGdGJhgWPEkRay66Ka3gTZ6374LVhkZNnIZMIqK7tnKag6x6aJUpk; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:50 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 36506cec109e886c2fa30e67fa49e47e
8399f5620788b101ed9a78eaf1f65baf25edc2cd
260eff872cd8eaf24bafae49c7183efc73d22bd4d8062a6c5d9c8d827f10f83e
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------424343035325588626722203468959
Content-Length: 171
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:1$_ss:1$_st:1685967709331$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=5Y8dBcBPvkjmNBojOJWHkDzia00FTeraDnbnmkC46EfJvR1l6tXkiP2A3Xteh4Fq; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:50 GMT;Httponly; Secure
_abck=7D42C5EE5DDFCE0B1ADC7C0F8F4024FB~-1~YAAQjtAXAmoR6IqIAQAA9TNmiwq5J9190WUaTxvpY7RjxlbIkZheGbdWiI8CRpo3XpFfZxMjMOHIbNjgWDx45SBydlqruMKIBQdJ12A7PcIvtCogeluIxdAnI6GEz1Ec5EUn00KMozRR7/zEulN3EExY+6s7gHvzc834Zh/8J4BcEuLT2jDXD3hX49F5DZ/TVgynPCXSgzgIWcJgyJTqVWHbZ8e8PLR2hQbFFrIRpyE6p20mbQ4cRQ2xM1HuvVl5UQ13p719RQkVIe1kicZy+4wI2kPqRKrjolrzAhCjEdQ+/oClQRnWNJOqPnHTPAiwYwUzj3WU1Ot7FjFreqRMT43lMA1cqdn8BuAVsq6l+O2o+aJabIDz/H3RssrLj5k9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Max-Age=31536000; Secure
bm_sz=23ED4B035598EDC6139EB39C2370F658~YAAQjtAXAmsR6IqIAQAA9TNmixQo8mLv5fSH4RuUY22sLl891TV8apa2lJVF7pFRxS9H5xL6v9QE676WDDktgnYYFIFYzUP/Knxi0NeeiyquAWh/4PEa2Lrkroc1GYfoUy7VoFpIrVhMlqb80SoD0z7AKGHibr1uViDvpWXrscNUm+NVlJXGtYoiIs+EUaDBu+TCL6T1dAKAozWa+2B1NH0lg/uk+d+p1xMd5VErad9l3Fhl6fM/PUztA4GcriI0LpmnT7u7Uqiu5aaXtV0r26zG6MSBKLcjrtXgX46JC8ATLRL7qQRs~3289924~3229239; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:50 GMT; Max-Age=14399
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc56_kf175_11844-59650
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
23.36.79.34200 OK 331 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65446)
Size 331 kB (331228 bytes)
Hash 6ef479c44379f2b9baec883c473a53dd
6d971f4dc64d2a685ca927c90021ebaa601c2726
11b00cbc413cf23b0f7d71dd7f65469d1eae548afbeaa034f0261307093d1d24
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=PsQJ7mk%2fzFkZYMZxP4ru0M1%2f1Gx4gn%2fNRHQKmeBM+DvL02yMwLCk+JmN4iasKQU2; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:50 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ZbHe%2f99%2fvPblcVm5kiSXuQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xdUkLv2G2JPGoY2gM8yWaQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.34200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=M1FWY583Hhmnhg9Ucg3mZtYtBGuCKIAlIGTGOUIS4F3izFJlp0mU7UViMmOrut+B; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=AJJCqRhI92ACPZQ6Jpkjsw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=esbRR1luktdVxVzHU2bSwA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.32200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qLqAKI9oDHGK9lxH1zJuAA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.32200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=VQwKCb%2f5oraAqJ+UTPVV0A%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910857&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910857&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910857&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=BBhC6XERtpi9PGo01HzEy82bgvzfPr1EjUl+4dw37C2iQqM2iiSZXj6x3iJUEO9r; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11685-64134
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46%3A0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pv=2&f_cls_s=true
23.36.79.9200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46%3A0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pv=2&f_cls_s=true
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 0b188aba947380f5adfc2cbd1cef78bc
b2db65dc9a34137da577f5ee76f38a223e78490a
52c396b5f3169fbb1e1cb47ef66c207ceb85f012169d3a0fdc97efe6e7fa7be8
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46%3A0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; Secure; SameSite=None;HttpOnly;Secure
_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!6KUvRYp6n+FbTDJ54TfMmyz5FQ342fZr9/qhnxyhHB8d0EvlU0IyJtrdYTaldGqSdMCAF4w8gwYIOkI=; path=/; Httponly; Secure
DCID=ALUWYweaapJqxEX9e+gqfu8rCtrWWAT+xONkizR1Iw4%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
23.36.79.34200 OK 367 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65439)
Size 367 kB (366646 bytes)
Hash ed876d09f51c9e3bf7a72d9cd0c6ba70
1451ebd78f86e66969ac4dd31d52744cc68fd9a1
09d080b8cbf4892422de75f1a0f2ce43e3c9578cf6179674546782dacc6178f7
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
X-Cnection: close
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=0O3EwpIwTtK90vy3s9zbM1Mq2U%2fcqPob4GqLa+VQ+%2fMG62EqUoNb43F9htapsk9F; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:50 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2441), with no line terminators
Hash 88836c498e23fde3c12f4207980e352f
f1fe9a9f2c9df00c4c98735fbd1f0b2b1ce33211
1b3c102019c097320059c4ac48bb1444e6e3afa543a4a082aaaf5e1f1bf9eaf6
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-b650fad0-fc98-459a-86d7-97602e072763' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:150; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:009a42d4-1a85-45c1-8485-ee34ccb753b4; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:009a42d4-1a85-45c1-8485-ee34ccb753b4|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:70; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=CC2C2147A3A55DDE2C17A350520E7505; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050451511705335688; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 11:51:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!mWMzCHL7ybIzjAHz2xKqB3cO2dndHn63biX8Q8kaPHN88gj0AATRnTsVMps75wS2xjnAgG1WEpIFsU0=; path=/; Httponly; Secure
DCID=jSLgXC5T%2fTe53iV7nQapFONDbQk2TlO%2f0y1TsiJB8gqYBne5ykjnGZ04UrH7%2fcB2; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
_abck=700FC0B1BF5D18C941F8AB1A44EA3CEE~-1~YAAQjtAXAoIR6IqIAQAAmzZmiwo34YNJNkje0W9vqBaQ3dexs2XK6T9x3syBnm6XcU6Zi7sq1pIMlEI1aVIc2UlZF/7d/9lI37CpSrEXHRX+I8ZjUIiDfGpJWTN/0HAwW0wZSLwY6gkY1F0NePpHE8I5uivtjRI3qiFzNNZs/XEdwVM92kxYWEgzWTax/nWWvEJwWGpJXa+snb/csrYfMr5G/j5AWW7KRP6K8bkVXa74iJbvQrCXdAaie18ozy+DyKu36q40Jk4iB7XT/TP+0NhbTNzjDanDA7SJoAX59v60gB/xh1GYa3of49zVhHx6OLQwvEK2IWSkWyoLSrjL/HUf4fVcewEykJbB+siMxdqztAREapgHtTEFUyjqxeur~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Max-Age=31536000; Secure
bm_sz=CCE0816C1E67BE94DA46CC82765EF779~YAAQjtAXAoMR6IqIAQAAmzZmixTE7ko0fydIDOVL+vxV28vZDAHgKidMAo8VFWU+7mO01E5kYpKGGe36TbD7xtX/XU+RUEx2LyrxAi9hfSL/PYE9MX4SPrFcvgxmNZ0mOTNaovsMQ0S+CPVYe/Spo7oJMWR+Ma+0TIFaSqt59dxbY93BgU+Q4DtzLPhXmxScaXLR1/tdrnStS02dCcn6MHd7ciW0OCHxmqYgXwYjF9AC7y9FATqIf214Xwjqy6GQ8hi2PIldkKuUcsjKCjiCy5inc2RWrE3g7qvzmIqmzUc1v0qKiERs~3356738~4404545; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11777-60052
www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 965 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2438), with no line terminators
Hash c74dc3565a59e026074842a700ad5ec8
e2ad718e27aac92ce6eca5e2e41540e262cb4ddf
b8e5c3a772d808c32bb7d5f52a6e0bd35e790732b445f01fe47761a246dd4d8f
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 965
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-25d6011d-6519-43ff-92ee-f2e2b9d41f55' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:150; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:057b886d-f102-4394-b134-453637689637; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:057b886d-f102-4394-b134-453637689637|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:66; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=2120065D2A5053D42A24A98E9787FE86; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230605045151902275191; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 11:51:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!stqHNVSUL/RJ6wnz2xKqB3cO2dndHiT6gZCr7HSMuGCWCQWNkCNzrvzl9PREJgZ6hdtGhcrRzY5Km5E=; path=/; Httponly; Secure
DCID=X7WWqELT+h7NABLK0a54FCXLXnt1B9yJutUjPLupD%2fGWW19G39Y7sjt0PVQV%2fTHJ; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
_abck=C6364117CFE9C3DC2DA18DBD1F7F4CDC~-1~YAAQlNAXAmT9MHeIAQAAojZmiwoMl0hhVyB3c7l+UJRBQCJjIqpPNJiXjqM9XKEj8J5YbzBvQLGooEeDxG/TF3c4b54Nec+iqHs6+uOqPc48potJeuLqW7Jfjdb/ZSIm8PsWx9uekCyHE2QXz1gcbX8J2HRUbqVJatoAtEBbZZQypifh8oaxTBuUuwyB8LY7bEWW969F+WVCguDHNbfN11Uaz7SERflJ+8CaIqyv0+dJCZT8xr2w2xF3i/1036UKKK+FSIEXQl04bfC9LbWXEJkxjkqMIi6uc+g1gnE2GEFfKvHaFdagfn5saR/uP2kjp/PtVng9afdjumeZhVrD7AodNAwQqwTtqtkmPvujIVOa3OQkM4cJFQ//qDktfszn~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Max-Age=31536000; Secure
bm_sz=F4985352002BAFFF6B3993750659A404~YAAQlNAXAmX9MHeIAQAAojZmixRku9sy53D1acW5UrI474plz4qGCZsEmPPnQUj4DXK+J6U1JVxaZolfHD8v1vBl1IY9Lt9rWkU/EyVzpCS+YGe7U/cld2EDKFbOQCqxnYIlTNqU+5a8nG5VvfN081snPJkHp4jRVzAFyI1y2F5MhFyL434wVJyPihU1vS1V8eF5RcczjT5NqyCYEYbZmX+QLssowKpy8ho/PbyVGMF39Yy0KUUQWDuH6CLJL8XfB/CGWnDtaMWopEnuLDg6nEI90VrpVhVR2s16fUcIwm+tDayh4+SY~3356738~4404545; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11820-62073
www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 965 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2435), with no line terminators
Hash f1440e9948891b7dee070690b0eaa6e5
f501cf011f2794be081c45a6612c06b37f7ab6ec
bac642c7cdfd44ea8295766698c8bae0f1f9a9ae6a058afe96949e9f3b0ee44d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 965
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-942218c4-91f6-4910-a54a-310b7ac7baae' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:150; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a4173392-8866-454b-a2d6-2362f9751969; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:a4173392-8866-454b-a2d6-2362f9751969|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:68; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=DFD1A11B9306557F1BF59E8FB2CCE7F2; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230605045151716150503; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 11:51:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!Oh45gNIacUk4Kvzz2xKqB3cO2dndHtns/W7VxREvSPaBtJEQLxO9OLAvt9QNbQKxwTqZ7nUSyFSgsN8=; path=/; Httponly; Secure
DCID=VGiDXV5PYAaCoEerobGvW%2fW25ahZzqfg5zQH1aowlO1N7r4B97XilJvVFmreNif+; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
_abck=97DA24CF4810BBB5B78C1BCEE1CF8820~-1~YAAQlNAXAmf9MHeIAQAAwDZmiwrx+hHd0Z02QfUeMTSBYrsSyZU+PyuN/HtOO2ir304J2nBWA/Edrjarlja2sZer3uCMEqbgYZjKYDbcKpeyrUXuByj6c3z9tTrdUhStGrFSTnUeWh8/R/slAcRjGvDs8dUcfxC5dp4GbEkKQJ9I27sX291do4v+MKn/yTwUNJbXC4lvsMC53Jv4OidP+QDbIBZK0rZeY/h7vPK9ff9myYSQTwRvqPuOprUSgsg5IkQkErEKTbPC5nKjp1GLuyCyd14lwIeyApbhbgoPBARO0Dzt4ZCdL9Hzf/jxjA7Vt78AulnYiq3SRY5Yf9fPAHnIF1SCZDck3Dbbset7wa474E6bzSsciGLSHE0o82AJ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Max-Age=31536000; Secure
bm_sz=2895DA10F579EE288633C6F8528539D8~YAAQlNAXAmj9MHeIAQAAwDZmixQxJWuPlahRbIFsFFjfXF20aYWdyNsHcNMerNhn7RExMqVDPaDjppxwLnubu45DI4MNyIiDaTWtIleXYhL5R026r+1e0q2OVHSJzhY3qYX2FDUMRdZuPPOAADkS5dR3fcqwl6jcJsTwrVYYUeb7Nt9UseYETD3EnBOeu6QNc/DluqoA+yhKNsEG7np0uZMMAXRNnyHS2PsTN+cGslFJvHhc56Ram+RBEhoBigo0Ho01AkqSf94ph6ZzuXccXqBnYd/1d3aJJtD0ubyP33sGk5Vfrar3~3356738~4404545; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11937-23472
www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 968 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2442), with no line terminators
Hash e5e8bfd7fd566b83da2b1182b8962c61
66ad796739851e1e72a60d93f37467698a10f560
529e3481e5a32ee7643675ba060901ecd7e8bec501a389bfe08940d22a90eadd
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-41a656d0-5822-4062-b017-b5438f2f355a' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:150; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:8e6456e3-066f-43e4-b4bb-fe38d8c41116; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:8e6456e3-066f-43e4-b4bb-fe38d8c41116|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:72; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=F64E872266E02E267C308AEE605B94BD; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050451512060234361; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 11:51:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!/dJTHcpgQyJHuAPz2xKqB3cO2dndHtgIoZGyjZ4sbtT+fOOvfvWxr94WcTcGmGIfJL/H/H4hsu60qnc=; path=/; Httponly; Secure
DCID=3kZCDOVQZXz+qYXuFiwiFloRLL4nLLIoBfJkJ7R2X5Q4fnC6UdAL1qbzDFrEyXiF; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
_abck=B510451C06DA8BDAF883D7BFF0504C4B~-1~YAAQlNAXAmn9MHeIAQAAwTZmiwpmd5LTmkjM8tOM4/KjcRYsIcdk+LK8tEIHuipS9JqrVXfaraaH8fEvU6rFjAhB2uwpOtHbY1s+SfE5Y+/hB1ZMJKk876EkPz16A86lJdzNxxzZqE4rRhaikAGJyHwoDiBIp64qjf0jWlbG3fQePLrLjzQeFdrUbquXnzuzRCjSt3WNBKh+wsOT5GUEtPZAMJUNnE7+Y3pYBn48DppABuw+fwkERGLFhxU7tFjl8mdwVaoXh9I83rEqBfeeuewYo077apTaM9o2/YrCYRQmiFchD+l0mM8Vou5LYAsRay7KMSYCACbSTbzGkPCoHfV5oLg6HQdl2ggpZh2mAFaE/3NUGEczwId6hBmX3QlY~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Max-Age=31536000; Secure
bm_sz=821466B946A02B425EC074DFF3AA2040~YAAQlNAXAmr9MHeIAQAAwTZmixQSndqV+4JoZASUtTjZvpzzwAXojQybRV0gWEtSn6KsWV522dMznIogjOeBEGUgB4VCneS3ux6LyFZq6tMKuT/DT9b1yUyK0OrWJ8HqD1PWPaE9EWWTLABWbdh27v86cbzkfVuVE3y8H/PkuvC1+hDhOvJpoBiwy3KKpuiVPOnSH8cr2mdgErwYBiO1B5bHr1ZnlZcKRPhSe0b7rAhlBZEveJHqwt3FUyjORq4iOIoNkBziJ/AE6MIpzDD3sqHEv3YYh/H4L32cQ+GHrwibpgdpnqsK~3356738~4404545; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11844-59670
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910977&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910977&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910977&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Tm9R8zXOeK7%2fgsR4Ct6JQRgH5TjrZQc%2ftvf8QLB1rQ6eaYQ9a2ixUdb8UrnwZzri; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11820-62075
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.32200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=XzlkUvp1hVFtu3A3kUyZ0w%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.34200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 62b78c9e82e24334915fd912a0228beb
e540685e2a32604016b1f03a99efb67f33bac935
b21c46b76851edee19f8b16c44aa8e0f25cffd5a06ca3eeda74a1010200dc153
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37152
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=shHOZhCoJ11C97DqM1NI3xQ%2fsf3j6Sy6u+kBoXBch4H%2fDnNd9dqmdo141Q2SWBF+; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910983&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910983&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910983&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=FFxZySwXp8Y0VU9MBkubDyENwq5%2f%2fuK0pxqHcDZ2h%2fYVmb6B8I0e7MHTZsElfaUi; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11685-64139
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910989&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910989&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910989&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=5a9EzIHB0q6%2fgawiO6pzeW6U1XuI7lbFu23rCoh8kVgBaMIwIXLMEwgdgW9YXWZo; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11777-60055
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910999&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910999&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910999&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=9SDouGIy7zsYB4aS4i8rBM61%2fCPg7TCwU98wfBS8I5wzzuNZEuL5AwY5nSB8zxEP; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11937-23478
ort.wellsfargo.com/securereporting/reporting/v1/csp
23.36.79.17 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 2b47cf2a-c2a3-4c47-524e-72f325be9b35
X-Xss-Protection: 1; mode=block
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:3f56923e-98e6-4b1e-ade0-9c1a7481163d; Max-Age=30; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:3f56923e-98e6-4b1e-ade0-9c1a7481163d|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2; Max-Age=30; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2|d:2; Max-Age=30; Expires=Mon, 05 Jun 2023 11:52:21 GMT; Path=/; Secure
DCID=ftAb0o0nSzx6dTXOM8U4lYL21Wm3b79HYOcW0quKg6w%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
_abck=B651DF091B36D56945928828091ACDAA~-1~YAAQDU8kFyAvRm2IAQAAqTdmiwrK7wVNcwXWLFQA2yIBP4Hdptio6FicaoObWozEtadM3nB7H/70ak+6W1iwwg+iDWQblZ+b6J4jvoDKWiXjwBwX8t2eLvoc05n4IdSApno240WHXQpIgSdVppaj+OiOROzGzohNZ+btpX+jt/lI6/D+XjVaLUivfRKxyYF2FgW3ODHnZ8+epYTVP+I/aTfUMJywWQ3W8OROsKjhcbXQLrlNRdMnG25ixXr4gRZV2Z7csNM648G+wnL449kAqMTx5Z/H4TOs2SYCj1KW3Qx/cizOtR9CdlKGDusNI0QcTK6Mn4YlGEwASFszhSx+ZbzDfQowZMnkYMnz5IkfIv9KGyRRk6LPCPb3oN88Dreu~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:51 GMT; Max-Age=31536000; Secure
bm_sz=5F734019A32FBF359A1DB5F0F5F53B0E~YAAQDU8kFyEvRm2IAQAAqTdmixTRBrAqIiuXmrEyBdB22A23xtUBsaA8mRDq+HBdKP/ydqlU7eiTygHfzpSPoa3YVjbXZNP5hGN2nxvIft7DVriio30EvWyVhuzPE91llKiaXmKpKZoNPcCTa8D3nNM/MV8N4tyxHrZpSHJhGCT4tBnXA2GBJZhtAnJLZkpGto7KI8EnAWhAAcBdyCqrbsEH8/gXoARTgvKXS2pyn7lsQZzyMupAEgYxJUO40krRGC6MkOi3roVJBBd+rXVMycjeso+q28bd1LIxskQ5jPN/3xIBpPGU~4404793~3224115; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910994&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910994&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965910994&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=UiQed+oev%2fzpvFAx4Jut00rCMnuzsoUDhImsn37iAvehr+dCeP6AEfI0pEZnidJG; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11820-62083
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911010&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911010&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911010&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=qeZb8O71X6j8hO9B48C5xlH29GEOnwJFMAh7J+K5B9zd5Cht82Mq0irUiKAfYZPo; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11820-62084
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911015&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911015&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911015&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Mv5JhVTncl8ONWrF66RbJv8ABsopaHDie0X0QUDk8dBgbZ%2fcHH71Zo0h2HB37JKH; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11685-64149
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911021&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911021&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911021&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=NNTfhpgZ8q3bAzgXccQAuEAN42hfpRUFhlRYlyyukfOZv88V+tM4v2hYZmlizr7l; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11777-60061
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911028&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911028&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911028&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=0VMaIsEhuCfr3IqY1%2fFJ61apAn8DAMhrppZGblb0rbc4dNFCWqUZMmT8z3HQhQb8; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11820-62093
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911025&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911025&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911025&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=dj2fy7aqsKdcThBB4wLyqCbKTTDq4PfWtpwIJvNyt7LkwxtG9WpzmziIOfhRP4Op; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11937-23483
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5047469044143639
23.36.79.34200 OK 136 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5047469044143639
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136526 bytes)
Hash 380b8796292bf9053a979e7804c785d2
fb3b164cdc0f1021414bab7de780b14cd280b85f
05bf673d61a5950cb8817ee8a4cd4263823528f960d0981801e9e659a07107d9
GET /AIDO/mint.js?dt=login&r=0.5047469044143639 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136526
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 11:51:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=J296ssm%2fPM6kBaoXOvaCn5ULBsDWAw9VImjVV0zt1Q8%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911031&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911031&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911031&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=QV9TMEOnfc%2fXb%2fJm9ydlTrpUhisXbFmttH83zwvzZ7wOpKR38cuzjnr7NB1X%2fS3T; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc58_kf175_11820-62095
www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911003&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911003&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F&cb=1685965911003&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:ba4be2d7-8750-4ceb-8c3c-15ab8a802f95|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:150; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 11:51:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ZBFihLPw8ikZ6fYNnwiVvea6KFZ0yiPIX3lNiNmgfgXC2bnV3hjLa17LdwNUydWO; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc57_kf175_11844-59677
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.044011026392814734
23.36.79.34200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.044011026392814734
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6dd8f9c5840c3a7d00bb2398e0e36822
4e93e65c0c89fb524e503642c5cc559daa16b8ee
91985bcf53e741a78f3275f1a02b7d7ec6413c0af736f380c66c29c660066d64
GET /PIDO/pic.js?r=0.044011026392814734 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52531
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 11:51:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=mKuchwqMjBj5DVYOpauFmfLz6IaXIynIxGv0Wd80kVk%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
23.36.79.34200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash eb41964290d3608b18c0614d4d80cb08
51c420ffa97707f0aae26197cfd5fb5714f12b80
952c3a5d4d44c95d35cbdeadb97c7e8a4e7c02300ad4e0373ca0ac626cf048e3
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17823
Date: Mon, 05 Jun 2023 11:51:52 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:fcb12593-50db-4332-b0ca-c7bcca45793e; Expires=Mon, 05 Jun 2023 11:52:22 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:fcb12593-50db-4332-b0ca-c7bcca45793e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 11:52:22 GMT; Path=/; Secure
SameSite=None; Expires=Mon, 05 Jun 2023 11:52:22 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Mon, 05 Jun 2023 11:52:22 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Mon, 05 Jun 2023 11:52:22 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=LY7do5QC0FiqiAFFdhiYsUZo7XzKk0fHwTE9XwU7owW5eQ50JYxtg86qZX2DiWe0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:52 GMT;Httponly; Secure
_abck=1F0FD00340543F40D82CE39B456CE49F~-1~YAAQHk8kF7FbYW2IAQAAQTlmiwqF0RMdVbQH8B8meImvP6eleG5OTWErUuYNK04A+PxLMpRdr+7/J0W2LWhUX5NJ44NPzG5vGPxBAQQ/DyRnPnSLoCI2m7LI6ULJAQyq5KVR/wFR7s/I8OvCFMv6D8xATCN8f2fi7c1dl0Dbnh6JnFd9L1oKXmHbsphGxeaFIcPwxH35ZwR71LG6mQj1UTg5a2b+lJTM98e+ct9NllmZeoOXfVCwbD1BsiCITrTeiqNYz7xjClT6EQ5FwgwetS/U+jIpm89a9Mpr+HyPsZlGnGMfEIQZDG5peb/wtHI26SFCnym5/eYS4Gg2RvbKP4C5AK16LgTSKX9PVUvi7W4p6e7T8UoMQTCFkgvdXGGB~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:52 GMT; Max-Age=31536000; Secure
bm_sz=6CBB50C2ED28564A7341CAFB6F38252E~YAAQHk8kF7JbYW2IAQAAQTlmixQGZREgb5hVIdx4jZOqKgFX2r3BhcUHFZigpiE80dXNndXfxeF+hVnZWocBHKwTxv5/TakTS22WgNjP2RoETkshdpHam23S8RT5tboaZEu60VTdSwQi0giDRKLtTz1Cwa61n1R8Z9RNBdjbgzGNjHAxMWUWE7W5P6CxZ4xIcLyVTPpIWrAVUMJEeSGGW4aa/Nqf8VDNFgomOXLIRpi+EpeZm8ss/YmYdG+VfrEmG6CUxs6J5HCx5zw9ATADJtf1wGijaCM/1jJ7kk4OderKD3enc5t3~3684406~3556918; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:51 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBPbzFBWjJ0MVJUc00wTXM5RWhnS1FWSk9FL2dPNHJtb1NSSzR6ZUl3WEF6WFRtMDJ2VjA1eFpWOEMyMUF4QWJqMGhvSHF0SDRxeC9RTWJwOVVvMWNDNW1yK0Z0bDhybUwwTEpwekJkQmd0ckdpVnovTXZWV1d3eitYOE5rTVBOUXlOalVIV3RCSVMvV2pSYzIrT0tRRDJITEFUUnBUUU1ZRjlDeUo1WHZtSEpwdjBuUENPaG9FYlR4azgvYm8xTnRRNU52NUVPYzZkbFc5a2Z3eXJETjFycTErRWFERE9Zc1RSMHh1UVRYUFVVbU1acHlBbHNLdC9tWU0yUExRZ1hSZE1TeVYzRDFyMmRxOWg2ajcxZG4xR0ZvZkxiT3ZvcWprNHNUTUNJPXxjNDY0ZjM4NmI1NTE5YzQ4MjRjNzJmNGM0NDhjODRhMzFhNjU3NDBmMTgwOGQwOWExYzg5YjQzNjcxYTE2MThhM2E2MmJmY2E4NmI3YWY5YWQ0YjY5MGIyY2E5NDIyMTZhMzllYjMyOGU5MjQ2MzQ4NTU4NmQxMGM0YjI2OGQ5NGFhNTk3ZmI0MGUwZGI5YWEwODEyMThkNzY1MDlmYzJjMWM1MzVjMGExOTc1OTlmYzFjNmU0Y2Y1N2RhMGQyMTA4YTE5ZjMzYmM2Y2ExYWI4YWY1ZDBjNGEzMTUxZTU0MDY3ODMwNWM3MDRlMGU1Y2Y3NjM2MTcwMTM4ZmU2OTRhMTRmNWIzMTZkYjQ0ZDRjZWIwODZkZDRkMjJhYmQ0MTMwYmZhYzUxYjRmNzdmYWYxYmVmZjFjOTRlMzcyYjNkNjUwMWJkZjYxNmY3NjM4N2QwYmI0YTBhOGZiZTZhZDIzNjc5MTM4NGMxYWQxNTllN2FmZDk3MTgyMDY0MGFlMGU0ZGZiNTc5NjExNWY3NzUxYTlhMjU5MmYyNjJhMjZjOTQ5ODI3MTExYWRlODg1NzA3ZWUwMmYwNjhhNjc5MDYwNTI1NDNjMDFhMTcxMWJhOTZjYzE3MDBhZWNlOTAxZTZkOGEzNGFhNGYzYzc4NTNiZTYyZDMyY2ZjMzVjMzM4MnwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com&t=jsonp&c=mbdrbxhauosm_goi&eu=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F
23.36.79.34200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBPbzFBWjJ0MVJUc00wTXM5RWhnS1FWSk9FL2dPNHJtb1NSSzR6ZUl3WEF6WFRtMDJ2VjA1eFpWOEMyMUF4QWJqMGhvSHF0SDRxeC9RTWJwOVVvMWNDNW1yK0Z0bDhybUwwTEpwekJkQmd0ckdpVnovTXZWV1d3eitYOE5rTVBOUXlOalVIV3RCSVMvV2pSYzIrT0tRRDJITEFUUnBUUU1ZRjlDeUo1WHZtSEpwdjBuUENPaG9FYlR4azgvYm8xTnRRNU52NUVPYzZkbFc5a2Z3eXJETjFycTErRWFERE9Zc1RSMHh1UVRYUFVVbU1acHlBbHNLdC9tWU0yUExRZ1hSZE1TeVYzRDFyMmRxOWg2ajcxZG4xR0ZvZkxiT3ZvcWprNHNUTUNJPXxjNDY0ZjM4NmI1NTE5YzQ4MjRjNzJmNGM0NDhjODRhMzFhNjU3NDBmMTgwOGQwOWExYzg5YjQzNjcxYTE2MThhM2E2MmJmY2E4NmI3YWY5YWQ0YjY5MGIyY2E5NDIyMTZhMzllYjMyOGU5MjQ2MzQ4NTU4NmQxMGM0YjI2OGQ5NGFhNTk3ZmI0MGUwZGI5YWEwODEyMThkNzY1MDlmYzJjMWM1MzVjMGExOTc1OTlmYzFjNmU0Y2Y1N2RhMGQyMTA4YTE5ZjMzYmM2Y2ExYWI4YWY1ZDBjNGEzMTUxZTU0MDY3ODMwNWM3MDRlMGU1Y2Y3NjM2MTcwMTM4ZmU2OTRhMTRmNWIzMTZkYjQ0ZDRjZWIwODZkZDRkMjJhYmQ0MTMwYmZhYzUxYjRmNzdmYWYxYmVmZjFjOTRlMzcyYjNkNjUwMWJkZjYxNmY3NjM4N2QwYmI0YTBhOGZiZTZhZDIzNjc5MTM4NGMxYWQxNTllN2FmZDk3MTgyMDY0MGFlMGU0ZGZiNTc5NjExNWY3NzUxYTlhMjU5MmYyNjJhMjZjOTQ5ODI3MTExYWRlODg1NzA3ZWUwMmYwNjhhNjc5MDYwNTI1NDNjMDFhMTcxMWJhOTZjYzE3MDBhZWNlOTAxZTZkOGEzNGFhNGYzYzc4NTNiZTYyZDMyY2ZjMzVjMzM4MnwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com&t=jsonp&c=mbdrbxhauosm_goi&eu=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 61741d95413156f8ba4121defe62873f
eeccd87400d125eb8687dd0c411f5b1175a455af
3c7ff6f9a9f7f6da4dd8a7ff766d6de852c901d854e087e0e222140782b2b8bf
GET /AIDO/vyHb?d=ZW5jZEBPbzFBWjJ0MVJUc00wTXM5RWhnS1FWSk9FL2dPNHJtb1NSSzR6ZUl3WEF6WFRtMDJ2VjA1eFpWOEMyMUF4QWJqMGhvSHF0SDRxeC9RTWJwOVVvMWNDNW1yK0Z0bDhybUwwTEpwekJkQmd0ckdpVnovTXZWV1d3eitYOE5rTVBOUXlOalVIV3RCSVMvV2pSYzIrT0tRRDJITEFUUnBUUU1ZRjlDeUo1WHZtSEpwdjBuUENPaG9FYlR4azgvYm8xTnRRNU52NUVPYzZkbFc5a2Z3eXJETjFycTErRWFERE9Zc1RSMHh1UVRYUFVVbU1acHlBbHNLdC9tWU0yUExRZ1hSZE1TeVYzRDFyMmRxOWg2ajcxZG4xR0ZvZkxiT3ZvcWprNHNUTUNJPXxjNDY0ZjM4NmI1NTE5YzQ4MjRjNzJmNGM0NDhjODRhMzFhNjU3NDBmMTgwOGQwOWExYzg5YjQzNjcxYTE2MThhM2E2MmJmY2E4NmI3YWY5YWQ0YjY5MGIyY2E5NDIyMTZhMzllYjMyOGU5MjQ2MzQ4NTU4NmQxMGM0YjI2OGQ5NGFhNTk3ZmI0MGUwZGI5YWEwODEyMThkNzY1MDlmYzJjMWM1MzVjMGExOTc1OTlmYzFjNmU0Y2Y1N2RhMGQyMTA4YTE5ZjMzYmM2Y2ExYWI4YWY1ZDBjNGEzMTUxZTU0MDY3ODMwNWM3MDRlMGU1Y2Y3NjM2MTcwMTM4ZmU2OTRhMTRmNWIzMTZkYjQ0ZDRjZWIwODZkZDRkMjJhYmQ0MTMwYmZhYzUxYjRmNzdmYWYxYmVmZjFjOTRlMzcyYjNkNjUwMWJkZjYxNmY3NjM4N2QwYmI0YTBhOGZiZTZhZDIzNjc5MTM4NGMxYWQxNTllN2FmZDk3MTgyMDY0MGFlMGU0ZGZiNTc5NjExNWY3NzUxYTlhMjU5MmYyNjJhMjZjOTQ5ODI3MTExYWRlODg1NzA3ZWUwMmYwNjhhNjc5MDYwNTI1NDNjMDFhMTcxMWJhOTZjYzE3MDBhZWNlOTAxZTZkOGEzNGFhNGYzYzc4NTNiZTYyZDMyY2ZjMzVjMzM4MnwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com&t=jsonp&c=mbdrbxhauosm_goi&eu=https%3A%2F%2Fwww--wellsfargo--com--u949329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 05 Jun 2023 11:51:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=hpZeVJndszxHT9FcEyOeodXfVTSrauWE8m5%2fvPFCUYA%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:52 GMT;Httponly; Secure
_abck=C705359DFAE00EF40D58BC7496FF1D21~-1~YAAQHk8kF7lbYW2IAQAAEzpmiwqSoPcEb7GqmXkRckwP1aBty3jS8s0f2Hux3FDcVXljTkzn+YhNAVNnkN94hiuYrrRUoMcFN7BfsIEa+v/sNDMCODfOxZMDhX8ECVr/NF/EGcm+yua82eoICL3vH/GiWc7wRUMG7MEtOLnng3OQpUegypmJ9O5GWZNsJB+R5oYzsy60zvHdshK7kQuz9StcBoenIy+IhvPGDmtpZ+uAYL/895wwJOXaaeKXt6LueCL7se1tQNbCRRhLVOzKqIQDJoT0qwr+1c+p/XVetgNruXMUz8xwiI4UaSJ7oKbDhSjf8yILGMBt8sWjW4TSUeNUK5tVRzvt91pSm/HU1X5UYRJVsy7VOPM8JbLUAY+t~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:52 GMT; Max-Age=31536000; Secure
bm_sz=3A117FD9DAFDCA28FEC36020E8DA1B1C~YAAQHk8kF7tbYW2IAQAAEzpmixSY6LPDywIQHHnLlbBZ+qFKIP7cFNdpW57+0Wh8Q1LjcRIaiqcrRW2dpkCHxr3tJ/8EPpQTsk2AavYRwsCv2HIe7ssP/7tZOcbEngta7lSpAlygtnGj3u3i49nqa+NVtr2EgARpO5sXojtc9GcYibE/xrsxnW/88IpbWLdTkK3Ntg/kMJ22Vynvtxf1kpgQm1Pqz3PCZ/DAM5XEgKDVFeDEfRRHEMh6mHi6SV6B8YTtOBhXVP9mxjnFB+VI4mkzOJiD+gLpwQoCLsOxW6W5zDxtnsa3~4539700~3360313; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 51373863b871733acfecf49caf0ca7ec
4a5955fe911639f05fde709466cda87834f556f0
9d2b5f18e1876d847d96e9f02b03c959ba0d95dba286ad1e2c65ab5e4ddf86d8
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2044
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0; _gcl_au=1.1.1912066688.1685965911; ISD_WCM_COOKIE=!/dJTHcpgQyJHuAPz2xKqB3cO2dndHtgIoZGyjZ4sbtT+fOOvfvWxr94WcTcGmGIfJL/H/H4hsu60qnc=; _ga=GA1.2.1369536907.1685965911; _gid=GA1.2.1854740998.1685965911; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:8e6456e3-066f-43e4-b4bb-fe38d8c41116|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:72; LSESSIONID=eyJpIjoieCtnVHFNY0o5cTRTeEFDK1VlTTl2Zz09IiwiZSI6IjRQeG9vRzdRWWpVOFhEYkNCVERXTExITk83XC95K3Nsa1wvY3N0a1lEcEczR3A3NjdsK0VUQXZGVXNWTVEzRHV2Z2hKSlE5RnQ3WFJqb0hYNXN1Q2FXS254cUdTSk5wOUV5YmhCWkt0bXlnTzd2Vjg0c2diNG5FQk84ZUxFSTBVS2NteVJ1aVwvQXhHY0QwQW1rSitucUpIZz09In0%3D.a0498ddcfe6f68ff.NGUyNDBiYTQ3YzI1YzE4ZTIzOWY4ZDU3ZjZmMGNhMTQxY2Y2NzJlMGYxMjM0ZjZjNDA1Y2IzNDkyOTY3N2VhZQ%3D%3D; ndsid=ndsa8bl0uilu0ygliiskni2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=udcRx4hKw0biV6oGyxKYuPb7lT4tH5b%2fiMaGIYLXEoDOLahjGY0M5QIqgiB26wzS; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:53 GMT;Httponly; Secure
_abck=74400A213BF18056F3D70AE3732AB746~-1~YAAQlNAXArH9MHeIAQAATj1miwoMhy7f2G9ke6Afl13g0RnoyyFCx5Ocv0c4KCuLsGXZoxkav8la4DRQDI7yOJAjMqI4OTNVzb57tjdgNNdT3MS+woDjV+jATtbi4k44G0Sh/LqJbptfZenkCIMxaZgy47otJzR0lRrFL1q+D2tkubPua7RfDsC+P2Le33d0W887OBQXr7aIXIWOFlm3tvDYLfUWKEBdDK1U4QABFWlTwgP0QrzzVdsi/xULrPUsjOin5ZWk3Z/32F5P0CCoM7KS4YsJiE7agGQ2B+LUYZwB3Tb5SMxueCoKebMvMrYY9vks2uhxD3lvEjngfy0+t8YQIXKAI6Y3d7McqrLzAcxpSqTqJVAf+lbpfPXIAfPj~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:53 GMT; Max-Age=31536000; Secure
bm_sz=9CD46C050B603061DE4F098DF82465B9~YAAQlNAXArL9MHeIAQAATj1mixRIVXtjhs3rRYmWDmxTXULiikK3/8i4AenQ9Hxz3CykzfkSbDjmhJr0F/SAcVX3KVSPdqw2LjgjYl40XpO0fFk93cLUCoNyRmBqWLiANLaHKB8EcFohycct75FBPSHjw2WE0G453HU+5lvUO8oOPo4200SSw0gERb1WOr33JCHmuT8radkyTceFG1K8/f5OsbWxUjBtGkVQhB/+ObregfXaucbtRMx4r791eqd0y09Fd8LxRYjvSY9bl8P7FywqU/lza+NErTOrIxmxaMTT6dWM5edU~3294775~3752259; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:53 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc59_kf175_11685-64180
www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 545c2402e521e5247bab5c8d0a893116
d0ce43c15b8b3f17c49eade68334290539a7a804
6b6fd8389d4fe370acbd9e0ad790cea3b65acd4ddef34d9ce03cf37ee1e6f868
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 852
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5o%22%2C%22diA%22%3A%22AVnMfWQAAAAAeRqmMgzl%2FZdSn5sUREnm%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0; _gcl_au=1.1.1912066688.1685965911; ISD_WCM_COOKIE=!/dJTHcpgQyJHuAPz2xKqB3cO2dndHtgIoZGyjZ4sbtT+fOOvfvWxr94WcTcGmGIfJL/H/H4hsu60qnc=; _ga=GA1.2.1369536907.1685965911; _gid=GA1.2.1854740998.1685965911; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:8e6456e3-066f-43e4-b4bb-fe38d8c41116|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:72; LSESSIONID=eyJpIjoieCtnVHFNY0o5cTRTeEFDK1VlTTl2Zz09IiwiZSI6IjRQeG9vRzdRWWpVOFhEYkNCVERXTExITk83XC95K3Nsa1wvY3N0a1lEcEczR3A3NjdsK0VUQXZGVXNWTVEzRHV2Z2hKSlE5RnQ3WFJqb0hYNXN1Q2FXS254cUdTSk5wOUV5YmhCWkt0bXlnTzd2Vjg0c2diNG5FQk84ZUxFSTBVS2NteVJ1aVwvQXhHY0QwQW1rSitucUpIZz09In0%3D.a0498ddcfe6f68ff.NGUyNDBiYTQ3YzI1YzE4ZTIzOWY4ZDU3ZjZmMGNhMTQxY2Y2NzJlMGYxMjM0ZjZjNDA1Y2IzNDkyOTY3N2VhZQ%3D%3D; ndsid=ndsa8bl0uilu0ygliiskni2; _imp_di_pc_=AVnMfWQAAAAAeRqmMgzl%2FZdSn5sUREnm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:51:54 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=1Bbmt7R8lBYGPkgBcVyHb8Zzpxo%2fHixAJBn%2f9TEi5prV+MkZiXKl%2f4UX7lq6p2BB; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:53 GMT;Httponly; Secure
_abck=F312F5516E8EA64E4B68C8D44E1A5AB7~-1~YAAQlNAXAsP9MHeIAQAANUBmiwrBQUV7HzxvmvHv8YaL5NMny9JPjdWDGMovxwsX1+DBzgSP40SvVuZZjaZGgjyC9nYg7IUu8iDOi4PSCQ5k68ZjfavZyly6oerQJ4s27wMmBlT9O06W5avCsbdebGo8pIiEqc0+9YjCOHGIN+FeIP2sFmJfPXqF7XAnBwxaef3+YbwpYp7Yjpfbq0Cvc1eOrlstIvDulnScPD69iI76TDxNQTv7HYwwq+1HN3IqTSBQZ7sju+MBBkuyExtulNAqcXq+j01DmRsgxuAf29F+IzGZcJyPyACSjJmLeE8m8WvVhMdmR9jkuAI1K2kwTxaKH16zT1Oqtj/LebEzcaA4Y4dJM558Mu08qm7zk0+x~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:51:54 GMT; Max-Age=31536000; Secure
bm_sz=19AD7B146FA8AA670FD8C799C104D628~YAAQlNAXAsT9MHeIAQAANUBmixSqGxUycxltyr9p1G/mINHf9P1E9+pkaNAKwR7och7ENHlun2OrenRrVX6Dguy4EmArfgAVr6bdTO3B/DmZqf7QIizLlOe0B7lMro73UMWrymgTs5kkpDYfX/SmpUaU2ZA3JcW3ZEtBv3o6YInW/lAvhG/zUbbDfQpSyh/3XpUJiXDYpdugGTnojjYKWJv7JTQH5ha0lw199l5zRt6Zrec9u00qB4ciNAoNVelMNIhANGgj1fQqONJl6QomyNxWWy0CJ/YuVgDXCwtyOehePig6H1fk~3294775~3752259; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:51:53 GMT; Max-Age=14399
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc59_kf175_11685-64194
www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--u949329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--u949329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!GEplG4FQ5fvEMZ0v/BdPMOHVwv+ySURYCnDgf3ScfvEktPoAMjEpM7BtRjeRZmcDOJyGQeRWygpKvwg=; utag_main=v_id:01888b662d520072770db5ae5ba405046003700900918$_sn:1$_se:2$_ss:0$_st:1685967710700$ses_id:1685965909331%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQwHboJwrg7F8Cmqt0TWocdON%2FObpXvYrV4iyzCRmJ4%3D%22%2C%22c%22%3A%22eXd3ZVdQUFVMWWZXNkowdg%3D%3DfFuTJxgvFDVWTTZ8NjIFsiXKKZFERdfo5Sxmkk9rdoIWEIiG4DZzaR5g5UaHGbzN-nQv56OrOIO4N5ZNwazgkOXdfnwmrtYoxF8%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtbVq5oxSrPORfN8mIFmX7%2B%22%2C%22diA%22%3A%22AVnMfWQAAAAAeRqmMgzl%2FZdSn5sUREnm%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22SyuB-eWapoN-Ys1iqK9RVw%3D%3DrPmCxzWzNLQqs8GINnMmIBe03PbCyJsF2xag1OE09xzSMil4wTLA6RiabMZk7EoTVtk7MBjvZw-CzkA88QMvlhlo9xLnJa5o3D3p27kB6hcMoAYvjrSNT9DY1ISwuhkyaD565NJvd_eM__Q_LVJyB-RoXC-6hZ8P4vTTh6WOsv-eJqXsznEtOqix%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAviX7xCs0XkA8Uw%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C56256362894255558727801816144449063958%7CMCOPTOUT-1685973110s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0; _gcl_au=1.1.1912066688.1685965911; ISD_WCM_COOKIE=!/dJTHcpgQyJHuAPz2xKqB3cO2dndHtgIoZGyjZ4sbtT+fOOvfvWxr94WcTcGmGIfJL/H/H4hsu60qnc=; _ga=GA1.2.1369536907.1685965911; _gid=GA1.2.1854740998.1685965911; _gat_gtag_UA_107148943_1=1; ADRUM_BTa=R:27|g:8e6456e3-066f-43e4-b4bb-fe38d8c41116|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:72; LSESSIONID=eyJpIjoieCtnVHFNY0o5cTRTeEFDK1VlTTl2Zz09IiwiZSI6IjRQeG9vRzdRWWpVOFhEYkNCVERXTExITk83XC95K3Nsa1wvY3N0a1lEcEczR3A3NjdsK0VUQXZGVXNWTVEzRHV2Z2hKSlE5RnQ3WFJqb0hYNXN1Q2FXS254cUdTSk5wOUV5YmhCWkt0bXlnTzd2Vjg0c2diNG5FQk84ZUxFSTBVS2NteVJ1aVwvQXhHY0QwQW1rSitucUpIZz09In0%3D.a0498ddcfe6f68ff.NGUyNDBiYTQ3YzI1YzE4ZTIzOWY4ZDU3ZjZmMGNhMTQxY2Y2NzJlMGYxMjM0ZjZjNDA1Y2IzNDkyOTY3N2VhZQ%3D%3D; ndsid=ndsa8bl0uilu0ygliiskni2; _imp_di_pc_=AVnMfWQAAAAAeRqmMgzl%2FZdSn5sUREnm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 11:52:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=K+13Z5FRfIZQygz%2fmuK%2fRz4Dwrd1bPOLnhzx%2fe6UYXRf+uLQwWTv7H16Hs+BftFQ; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:07:00 GMT;Httponly; Secure
_abck=FA34EB3E7644978B524DDC78A9FBAEF0~-1~YAAQlNAXApH+MHeIAQAAR1tmiwr1kZ4KsjJoWlsuz1D09/pW9IVoWgm5NLoQZG2Z3M8tpoBNHjBHrIUpe0Grru+cXiQgGPSN8EY7nl1ojS8dKd2af9oW7P7yixYlnkAEePFr3O9XGHm6LimoEMgQvZ5l7EuTN99aap5qL/ypuO5BPEE+WPb05nmYIhblUZ40mUU9R7i/6ZOW7J3AyEZRPewvRYy9O3aZdTZQlXGQf+7BYZHWdNbuBxUsOt2rWEGUzwCU1pQMvXCgB8hirknBspC1u9hLDWARX/KWKPz3qD0dKSf69zq14VlQD3TI+t1nDJCDV8qMRk+P7OMTK0pGIuFy6t6d5wVTyDR1lHq+wp57Vo8e4hA31F7DMBtDLYy2~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 11:52:01 GMT; Max-Age=31536000; Secure
bm_sz=7578F207017F66365DA20A6133A2BE5C~YAAQlNAXApL+MHeIAQAAR1tmixSAWIpcturheGTD7NcYZ2VkZe6QWNQfiPkX2zyaZkDREW63AR73s3qsjUytYQ0AaQz8nzgYPacs+3S79+JdN9YC0gD7NMR62XPMX6+RG2wtqttp0hxTHhArCSIaZMz6WBYqC2NuuSZUS0F7G7FAUZUENDjNx53xWhnrDyNPlvmawODWgebD/mYd2uaV4XjO77TfY14WScfpXpBXT/qmlxp78b2nuJobuSLzj41/jtzwTRcc5WGRkLqCUmEuC7lmpRFiugDz1Ci5oXOjVU8kAFYRYq3/~4602180~3617846; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 15:52:00 GMT; Max-Age=14399
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dcc60_kf175_11685-64317
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=1&cfg&pv=2&aid=
23.36.79.9200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=1&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 0b188aba947380f5adfc2cbd1cef78bc
b2db65dc9a34137da577f5ee76f38a223e78490a
52c396b5f3169fbb1e1cb47ef66c207ceb85f012169d3a0fdc97efe6e7fa7be8
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2801
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 11:52:01 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!YYdE2PqAaeXs9XUq/D2JHXmrrcNtC7ZAIiAWMT6aqR+QQeAGp71fqT2fGmTy/1yYyi6kcCQe5RrpjQ==; path=/; Httponly; Secure
DCID=2w8LmMgVBNx+Oy3zFffCXJjZwJ1eU3CU85mDPrOiyksNLI67ecZ3tlLjrbwMB7Sz; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:07:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
44.227.157.5200 OK 1.2 kB URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 44.227.157.5:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f022ed9a6aae9666bcd5426fed70ff6
a2cf9ce607a6edc752bdf5b61d3ca276014aac9e
b0500c6ec7723735f96736d8a9c5fae6248d7872e1a10e51223f1c04011b1bb9
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 11:51:52 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=3&cfg=32a3f9ce&pv=2&aid=
23.36.79.9200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 767417fdbe1292c1b85146c20dac4c69
ca6dac8293ef209f892630b3a66b56cc13ec6fcc
b0e8c705ff19dcba1b353724a81f67ff74a58b45876b36f9434ccaa1d9fc286e
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50641
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 11:52:02 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!d/mqk5g7E2H0Q/h54TfMmyz5FQ342Y1R6GEbOEj81q0DMObzml1dTvvncrTdlNGOehDxlMUC/Qp5eVA=; path=/; Httponly; Secure
DCID=g578eBif5ykWF6bM8BzazbmcZ77w0tVVKnOwUsZF4Qk%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:07:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.227.157.5200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.227.157.5:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11336
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 11:51:52 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:9fc5b498-2493-4903-abd4-6cd14d6a8cdb; Path=/; Expires=Mon, 05-Jun-2023 11:52:22 GMT; Max-Age=30
ADRUM_BTa=R:55|g:9fc5b498-2493-4903-abd4-6cd14d6a8cdb|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Mon, 05-Jun-2023 11:52:22 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Mon, 05-Jun-2023 11:52:22 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Mon, 05-Jun-2023 11:52:22 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:4; Path=/; Expires=Mon, 05-Jun-2023 11:52:22 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=2&cfg&pv=2&aid=
23.36.79.9200 OK 4.6 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=2&cfg&pv=2&aid=
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (5155), with no line terminators
Hash fc425e57041689c4cfccb0afa4ea76c6
1ca3941da7405b96011ad5cbade96abc81204abc
69593142e4c4e19c187c84a88af2deddcbe2f7d7bfc98d3cd24ef58bfa0fc803
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0&_cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8&pid=609909ae-a4a2-45e8-8401-abc6c3f612e0&sn=2&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34409
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=73fc4af1-ef7a-4896-a99a-d7ef6d9ba9b8; _cls_s=783b1f82-93de-42b5-9dcf-d37d1b2a6b46:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 11:52:02 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!hJ7o+9J3I5sba5vpnNE5eVRfS7HzY4DGch/tKDqUZvMbVwB3JWZ9xHi0eslrb4/0Tip+VXjc45yaxg==; path=/; Httponly; Secure
DCID=QCQe1P4F2GxQV0yDF+%2f+0Kf1GtRp1htZ%2fE9MvRPs6d5S1fo71P4AA5pdZrTMUaCy; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:07:01 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
23.36.79.34200 OK 848 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 848 kB (848213 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 11:51:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=W1xp3LhvDZFteP+RQ9XhHhf8800gYHJzPy%2fsGMyFdtVKCnPOv8awZfQwRz9hQ2oT; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:06:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
44.227.157.5200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 44.227.157.5:443
Requested by https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--u949329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 11:51:52 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2