ocsp.dcocsp.cn/
47.246.44.228 471 B IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 9c388f256787fe671b209b4549c25609
bce708db1ad56ad352ef1c726fbdc4164741f7e0
eb1329b189207ae0f74aa1fa2710665c98b0c0245a3156046eeb39db51bda913
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Jun 2023 23:58:48 GMT
Ali-Swift-Global-Savetime: 1685836728
Via: cache21.l2de2[296,295,200-0,M], cache19.l2de2[297,0], cache3.se1[318,318,200-0,M], cache3.se1[319,0]
X-Cache: MISS TCP_REFRESH_MISS dirn:11:405357003
X-Swift-SaveTime: Sat, 03 Jun 2023 23:58:48 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9716858367285424700e
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash 27be29755a973f6521ec018177658039
3ca5a8e1260262f440af55322e67d77de76f94a0
f548e2a4b9af14db86443774e6341f839d5bdac1abb4001162dba1626aee55e8
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:48 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18839
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-6aa59e4d-0f10-441c-9dc6-a32fdcc12284' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18776 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71; Expires=Sat, 03 Jun 2023 23:59:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Sat, 03 Jun 2023 23:59:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:69; Expires=Sat, 03 Jun 2023 23:59:18 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031658481837478655; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:58:48 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; path=/; Httponly; Secure
DCID=xeOtbelk15ELPta+C60el1PEAdfH1YpB5z2ycu3qxcYSE+opDuz4BUanzlu6fBkX; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:48 GMT;Httponly; Secure
_abck=CCA5BBAA8862FF936FF94E7DCFE86720~-1~YAAQlNAXAsSK4XaIAQAAegqzgwoj/GVY3MZosw8K0VBjSzH8LiKS8eOgQSyGs1NFr8mR3SzGmn0xW0GPcfWxnTxDT4WVxKjd3gatLRlMyHaaZaEg+bB4thygxt3XzFPLywgGl4SEznQ807EC/7HNgoR9g5qGu5YzDCnqRfiZyhIMxZ5qSEjIFnke7IjoBcXz3fQYZoe64uzFqyXLnMnDyHmOZvuulkFGod3FfBoKrjH+CcybkWmiJ5Wd+QJ3Q2O0nprDrnaPP4FPgn/vWhrDS6oBAIKgz1WVgtYmCe2a2hR5FNomHhQVHdRm5bWeWXWaqzRmHLFC8xU0zS8JwS0oE/3QKbZW9gRhTe6QNMkP+6HNQWSgGTyQ0LJfE36HoEZh~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:48 GMT; Max-Age=31536000; Secure
bm_sz=C32E90C08255EA081A18AA312BC485C5~YAAQlNAXAsWK4XaIAQAAegqzgxOoCyMtx/khoE+rcIqkgjp6rxLN569Z/DXHsj0UQFNQWxCcw5D4Wyi7q8KPNsGinIj24Ix44JjPjHnZ1pZThXnAvffiTxCPF0m+goq9yonP3Dn12I45ayEG7igQmUDX9hKHbBiSdqdjP62CmPTMCoBW46DgN2L5BAGmv5EM7pb1piWzs9cJGpKcTiooGGked4/P0QJDMR6gICDKeUDXuPGuTh6HLU7jhcFG6RZK89kH9KQwIa9bbk+N2gE3PVn7XC0tm1Bvv+bNyIfnwbdDPXyfHzyy~3552304~4473648; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b8_kf173_12562-29179
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
95.101.10.152200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Sat, 03 Jun 2023 23:58:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=UsyLxWbrQfNA3QZM4A48mQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.88.16.188200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=1042380
expires: Fri, 16 Jun 2023 01:31:49 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.88.16.188200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=1042243
expires: Fri, 16 Jun 2023 01:29:32 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.88.16.188200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=1042223
expires: Fri, 16 Jun 2023 01:29:12 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 77 kB URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 3b2227177307401f0ad66f16a01dfd5e
098aee523bc90b9abd2658dc3cad2b8d984c148c
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:49 GMT
Content-Type: application/javascript
Content-Length: 76583
Connection: keep-alive
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=BC%2fmSTyRoL9U5jPg%2fIJDKw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=18D9D08ABC252172E3CE4D880AC24301~-1~YAAQjtAXAvTeSIGIAQAAywuzgwqJGHszwlSNkzHTTIr+OljzaWSi/VTBiVEIZkiJw0dKXbE3+fBBiNahaEZqjUywm/nbzoWuUcUxO0sEPjmWDeFYUSl0ONTADgZKje1We19FsVcjrkc0r3hp6BIGst4qRwmPd5jRcH/RfYrwnQEu8w+9s9HG0kS/cAD3rfwphYQxej/KKLLk+8IGMkObUsetUeSj4wGZEdcZQLk/ctBZzX5kAzbaAzGIHa48JdOIbZhMp3HP56FNpsJSSSsXFMaSPQwVvD9SMnUJnd6+tS4hVCLNMpTmGUETZdmjElbLw3Xj8HribRq9wy3jfCME5TC7vGF0d5qXSiytJOtxHVByQM2rgLV4TCPeboav/MM+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:49 GMT; Max-Age=31536000; Secure
bm_sz=5F854CBC24914D51D9DF689D9D738527~YAAQjtAXAvXeSIGIAQAAywuzgxPW1Lei7dRVs5m4/Y4g7U/0hmj3xW51Dp9xpaYxhCYBpyhEZN78X6hysgAf8ylYncaYK1ypG1N122nPqh0gsTmOoHh0PYApd5b0yhrY5ZjDf3B6K1cj7zZ3F/cBO2pqO5X1ZfqP3ywHJKyh9RkcqdGFB+bBhO2kFNlPkxxqpGvGoW2JnqWJYRgUyUg9oA3Hg/ZSjW4J1TggQNLJHhGG5GSVyQbJpOpzSEZZLgp/nTw9buJzW1rrinLcDp2aUGdag6NaRFeuR5lX2I9xU0hnGLx7yX07~3225926~4339512; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:49 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12487-30370
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:28:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: W/"643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12434-43297
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:28:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12408-24101
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:49 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Sun, 04 Jun 2023 00:28:49 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12520-57144
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Sat, 03 Jun 2023 23:58:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ffD8A5DrmAoa30tApn9iJQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 0c94b8d5829e40b6cc6c452066280ecd
52ce4a2d0edb7715ad0b5545038ece11e95c2daa
aa3a13a6d8512fc42ebb76355527a746b430830b00f02f792056cae3670f5725
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:49 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4285
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:58:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A9cMs4OIAQAAK25_QGGzEAFUlr0VG87G18mwInGU2iWRhg3lhxkhtC2kptRtAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|5d29261bfd7914789cfb3f636371986bdb2216d2; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=yfpfW+24BGSQVAph7HMF2WEMyxKX8AwQ4I89HmDiO5584Jwy3Am9DNPCvKOw3Khr; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12562-29192
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.88.16.188200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=12682241
expires: Sat, 28 Oct 2023 18:49:30 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12825064
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.88.16.188200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12682256
expires: Sat, 28 Oct 2023 18:49:45 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12825064
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12749493
expires: Sun, 29 Oct 2023 13:30:22 GMT
date: Sat, 03 Jun 2023 23:58:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2043
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:58:49 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=CoRjIVcHQgWxLKd+0wmoVg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=CoRjIVcHQgWxLKd+0wmoVg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=46B1BFF9853654D4AE8A94A970C833F9~-1~YAAQjtAXAhjfSIGIAQAANg6zgwpQ2sVrDyvIAykNw9Fc5K7E667MMLdsCsS1LGEuSQ6atdfzCf1KKNarGwDpHbBBAk/NTX264T4qKOsYvI0FlZbIH8lA6ETiXUGEkB10BHRam0O5Ifr87xsDpg48jux4CwR02dHQ9wOXotj1b69yQAVQsMYl+iFXuUTl5ZXginJnKuy3muP/23dQIu35UCd1wu+3LbGzDlyBgUjTyQCMB2XMxSN4BsfAgeGZzO3ZiXmXAavQ7jruxPkM00yi2dy9Giy0F0GB75SCSZCjZ6b65eLDJ8wmQQzyQZr5FPMfUeirbakxbFPj2MbdEds2MyILIUeU+KLDGpUvRq6sVfPb4+OfamMeQVCkOFPLfYgW~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:49 GMT; Max-Age=31536000; Secure
bm_sz=988F0D72F9FFF5BADAE1EB3DC29A3420~YAAQjtAXAhnfSIGIAQAANg6zgxOAXzJMBzt+ZrqdJrGopkiqI6C264M0PQWZw3H6x3oen1AOq3EKSP94689QSeUL1gAy1BfZWeyg11+aqRQI/yj9nTSFSqKabAT3Z3SVSWYv1VLswCQPdq2MNpZ4BywNSJztyYNAmtWQlVrQmDP1CkEWQ3sBgT4lbECMi4TW98n/NMbXL13bmqJ2D+qqUbUxav8Y+fCDyhlm3vVtViJ1vhKvD6eS1/kw4krHqB3nlNFz/egVLKFmZIjA9RvwPSyrk0B06uQkgbXyOU8yrcBKewfuXKXP~3225926~4339512; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:49 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12408-24111
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10650), with no line terminators
Hash f91305235aa344f2079625a37b5ae6db
6062561a8ca29b47ac7901a97f7a534ef0034d27
c31503f10915d55d7e366edb4d4fa08a7cd0e5e1fe4ccf28df1f4cfc0e49e5cc
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:49 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2087
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-6f952c83-d7dc-4d9c-9f36-e01bab5402eb' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:69; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934; Expires=Sat, 03 Jun 2023 23:59:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Sat, 03 Jun 2023 23:59:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:156; Expires=Sat, 03 Jun 2023 23:59:19 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306031658491480680766; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:58:49 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=BF09F33BC415D08B6F81D2FF3B522DC7; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=HT+jNIcrbWwzPxM4AOAHiUSlzeG+ruIEPs52TQOBJ6zgIvP8P4UWeFsZNUvBFpAu; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:49 GMT;Httponly; Secure
_abck=9C79004A8FAC86B994496B2007B78E61~-1~YAAQjtAXAhrfSIGIAQAAhA6zgwpY6EYZu5cf4Fw7ivzJ4HprZNxgU3oNaceExudHoVCKbV3sVp3hPZWrF8tJtM3nVsAK2wtj2Pb5F1nNofpEZbo4XWas7YriSTL57vmfZjtNP/03X7LlpGmuaevaX+kQUMjG4611vkXiaAx2vhmdsQ2qLfDNBptxy/QAXrlxZEy36uh428t36zdzT3PKEPeMg2Dxt7twxVCpXlgPprugLRnu0PhhaYwFdbRHClxfoTuM+6NAovasATp3pTCTMyRLj4PNv1LwH6M8CZcyUy8udm0uTyX873ovp0Y39yHrCvXALfY3cTQIqGmCQXetZ4yaBLeVN8Hq3MZvpPHSrfM86N6oh40ykixUh8Q2TJLy~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:49 GMT; Max-Age=31536000; Secure
bm_sz=52BDC526357DAE532901962CB8A3659B~YAAQjtAXAhvfSIGIAQAAhA6zgxM6c8joRJOUAoVMntRpatpRXOqrw2avRR3yX3m72RvCd+1RyYH0+2c4mj+v4mGslWmRcRrrvzm9f1EsC1XzwCq3VJ0shoiKNlEEIQyxxq5EHbmPCLPASptNfyZxxO1T7aJ/3HgjlO6bJ+qWcz/T8bagxJBqHNocA8DzQg6JbM6iutArHhplB0J9JBL90posmeph0v0ugUznoXDgRdjGHpmTcCM5/Gjpj31MciHlD9BrLj9fEWOpQ0dJUKp73Btlc6UYEd1RJ42L3owEwStnLgyZAPVz~3225926~4339512; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:49 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12520-57150
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
104.88.16.188200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=1042147
expires: Fri, 16 Jun 2023 01:27:57 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
104.88.16.188200 OK 39 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 5d115cb30ce945de0d431748aa0b6073
e1af15a87872a93c56598fe21c82c252a7c82345
8f0441ba6cd327f630ce1653262816ae3fb9abf2db73b70c50be3e66c51dfd8f
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505859-e2ce"
last-modified: Thu, 20 Apr 2023 01:30:34 GMT
server: Akamai Image Manager
content-length: 39415
content-type: image/avif
cache-control: private, no-transform, max-age=1042287
expires: Fri, 16 Jun 2023 01:30:17 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
104.88.16.188200 OK 24 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87b3f9d652a18e74ea8ef53a99b251d6
8773c9b3a11fb9247039d731888724ccfb74bb5d
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c49-e902"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 23508
content-type: image/avif
cache-control: private, no-transform, max-age=1042207
expires: Fri, 16 Jun 2023 01:28:57 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1042284
expires: Fri, 16 Jun 2023 01:30:14 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
104.88.16.188200 OK 13 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7d601c2b059838fc333feb0e3e020fe1
f57bc430ce2a2b0c146e8d573569367c6bf75bc3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c53-e73f"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 13330
content-type: image/avif
cache-control: private, no-transform, max-age=1042239
expires: Fri, 16 Jun 2023 01:29:29 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=1042152
expires: Fri, 16 Jun 2023 01:28:02 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.88.16.188200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=1000648
expires: Thu, 15 Jun 2023 13:56:18 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
104.88.16.188200 OK 2.3 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 3ce78d6dc48322da6961f79a42940dab
528dce02a84b67925d3e41632eaa418f0de7ad23
a137906477e02c4e3a756f805d90072a0c2e5c0d50290f0932de573ab29de76f
GET /assets/images/contextual/responsive/lpromo/wfi_ph_o_enjoysp300_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "641a0e62-1da30"
last-modified: Thu, 20 Apr 2023 01:31:14 GMT
server: Akamai Image Manager
content-length: 2317
content-type: image/avif
cache-control: private, no-transform, max-age=892932
expires: Wed, 14 Jun 2023 08:01:02 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.88.16.188200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=1042376
expires: Fri, 16 Jun 2023 01:31:46 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.88.16.188200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=1042399
expires: Fri, 16 Jun 2023 01:32:09 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.88.16.188200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=1042521
expires: Fri, 16 Jun 2023 01:34:11 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMComIOIAQAAB-SjvfAgADng99sw2aBzIxlo_Z4Q3W7sLBPU5MF2E5Cqf7pf&X-G2Q3kxs3--z=q
163.171.132.220200 OK 151 kB URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AMComIOIAQAAB-SjvfAgADng99sw2aBzIxlo_Z4Q3W7sLBPU5MF2E5Cqf7pf&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150569 bytes)
Hash db55b68471a50ac9dff628e9711240ea
208f8941938494d757079b309b92c1c6ebbb0dbe
c56a0f53707eceb900aef3579a29c59e89c730cd4b632d96179162666f438023
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AMComIOIAQAAB-SjvfAgADng99sw2aBzIxlo_Z4Q3W7sLBPU5MF2E5Cqf7pf&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:50 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:58:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A6INs4OIAQAA7WzhCV1S5m2VijEMNPCYm5HwjJLZEHap3D1QnSURa9gq_YumAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|2042cfe6c39f9b76a35ad795f7615c2b836d105a; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=iglXiHoxM5u%2fnjHYrp3fBXYSe+ogdsY6%2fGLy3jLZUU2qgluRLg3bkqqsb+wx0MxY; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12487-30376
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:6ec28ed3-3d3f-451d-9c62-2b514b399c71|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:69; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:50 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 03 Jun 2023 23:58:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=jOxSQvMXElaEk5HVn29CIbCObpM6QoapuH9bs8ZRoLRQYQGUj0RZqdmfJ%2fCes2dV; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:49 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3b9_kf173_12434-43303
c1.wfinterface.com/tracking/hp/utag.js
95.101.10.106200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Sat, 03 Jun 2023 23:58:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=IGJXOqiQHQJ2SIm9%2fFqWgQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.88.16.188200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=31901
expires: Sun, 04 Jun 2023 08:50:31 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.88.16.188200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=1042329
expires: Fri, 16 Jun 2023 01:30:59 GMT
date: Sat, 03 Jun 2023 23:58:50 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2270
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:58:50 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=fPUwm2XZmGoCq00j2KB0oQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=fPUwm2XZmGoCq00j2KB0oQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=5A9B9388B0ADF257CD6D9F8BC5A85D79~-1~YAAQjtAXAjjfSIGIAQAASxGzgwpnfrC1xtCPn/B4ZfoDGmco5V2BX+mO+FRKx9tTAWT/p+1wfkIQ116qNwZmT2rLWw2s6gkaAmAVMKTQQsusTPQX/Cq4ACyNUhK5VefqnD4ztayPz3QMp/pU2G/91Ws6NmLfgBdnCBOWMnHVaHwx3Z3blb0ZMC29j/YCs1gV8q31qFavHXxxN1I91bugNeB1h6lDcEbd7T1v8QnBdSrK5ZIQylK3iIvcNvZUgmXicfpcsohCpnph3xRcMotgl7nIkD0MUX7UQ1XhMJ5zUN0gG9PyN0ugfkQJn5j1lOvVLDHxcvkblYhUpquQULdttzuUiRoN3vtPv6cM2R1JcbxOUx4BKNubPr+ROG7Z5YEu~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:50 GMT; Max-Age=31536000; Secure
bm_sz=F7CC9CBC5685338045E8FAE3595BE43A~YAAQjtAXAjnfSIGIAQAASxGzgxOqqOfTziDiBQEHHpeaBO5s3p0eC5yXcHH07tMOCk7/wIxa0/fCQ9MmQ91RcUKUQL9i6Bsk+U9CwQJ5caf+VKfoZR8ibHTWh+1B9G2batQ6docXtWci4P3m0z0R6M+RbZicAesrW0RswvL/EL7OLOmdvpeke34vJ5PYzi30n9GyxiULhljl2cWo2znPJnqc9Jeps+Lr81ls2hLQ2OntEkPhGe5nFv2YetTdOFbL/pFl+meyAZX+35K8vf+iJjPN0PratunzkiuFhuzzdUY6GpMYEiBj~4604721~4539970; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:50 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3ba_kf173_12434-43309
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.88.16.188200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=1042253
expires: Fri, 16 Jun 2023 01:29:44 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.88.16.188200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1042161
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1042247
expires: Fri, 16 Jun 2023 01:29:38 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.88.16.188200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=937194
expires: Wed, 14 Jun 2023 20:18:45 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.88.16.188200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=1042309
expires: Fri, 16 Jun 2023 01:30:40 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.88.16.188200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=1042572
expires: Fri, 16 Jun 2023 01:35:03 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.88.16.188200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=1042137
expires: Fri, 16 Jun 2023 01:27:48 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.88.16.188200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=1042155
expires: Fri, 16 Jun 2023 01:28:06 GMT
date: Sat, 03 Jun 2023 23:58:51 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
163.171.132.220200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /WCp50A_LZKEHWQ41lS-0/7bk7VJXhJmED/aE0gZA/LzVHK2/ECYFs HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2925
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:1$_ss:1$_st:1685838530543$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=yk5NLP3yE8cv3%2fnnz1AFmw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=yk5NLP3yE8cv3%2fnnz1AFmw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=1FC464A596D4D1B93EBE4C52743C5C49~-1~YAAQjtAXAkbfSIGIAQAAvxKzgwovbJzG1VTysuLl/6tGI+Z5y4HDVj6zU/zWZOEXoP8UZ00Zi/8bXG14H+xQ57IUcA6KBLgLI5PoDUeMzFK0+VxEDWpgdtkosl/j25nkhfBBI5pxXIMeRnqC4Qqk7txnCvd3SfxY9LYrsHrnCrrnmtOzbirUkCB2WD+/+VaJrQoE2gQx4K0F9AFvzfQmENQQ7Qlue4/9z+yIdUk29XY7+2el7eQTpZDXjkstZ+YzZKA6t6v8omw7YukzAN4TJ2HJEjXJzJ/Db/648MwZpdMcZyrY9jGSQUJNfk9KVDJh7N2EqXpEMb+wpXnue1fYTNKfrYQUoOzD18rJgFhh73ORgogHhqiVV9KI9ob7+C8L~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Max-Age=31536000; Secure
bm_sz=58E6381DF1CBB9E27EFF15F87A3DBE29~YAAQjtAXAkffSIGIAQAAvxKzgxOZa3pqhNvqkrxwXMOeirOdmH0wt28nTvEK1mhpXonTrb6YXCaF8Sjxdd0SbWYZWEGsDZ485PRDUGVYqntwkZ3sdeD2vnkWYxXhjEx8ua+l53Sy8Bzb2Jz4zkFtRQloGaaDoBZgiNFjysYaKJDlimJg1A8voMXSRoAyHYZqSs4WUGUO8au7QvU3yFNHDgH/xsVp8P0gCGJHYjh8eWktoHpWuhFRp1EtCSNp/ab59xQTbmF2MDgQ6I5BgewENwj8fmlnkKVTfMItdrwtqMjchWTwnA3r~3682865~4343110; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:51 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12434-43316
c1.wfinterface.com/tracking/gb/detector-dom.min.js
95.101.10.106200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=iOUc8M8KShZii5riyo9amw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
95.101.10.194200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=L+wVk8rVNGwoU+0p4UrhpT7jJoH3JApPzpG9BIsDzjE%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
95.101.10.152200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qWeTSa9tZoFrjpbuJxG8Rg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash f34c030d7311ffb28fb9c9e2caf49d5b
114cefb6a5ee5312c365aed468b929b6c7cea577
6de5c9ce7580dcdaf9b3a635cb89f9fd77edc58d09dcbf09d0c0320c57284194
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------350563228741377805281582305017
Content-Length: 171
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:1$_ss:1$_st:1685838530543$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4E3GXIkt09gkcjM7fCH5azySVykEbrE0fllTFugJXLz5kXTvfCZPXkNCJUUMP8WM; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
_abck=873C73D83AF5AE7F50AD5D2882D4385B~-1~YAAQlNAXAgqL4XaIAQAADRSzgwoyE1rXYkfSxsbGmDhiQTDRT0XF7XW+l1eUPPTYZfYSNViInv2swCaOivTRpf2PDi7OjRk3WzeXHuK3ARPx5AMYOk2TFgszQd9RhAfUxiRcBfxF2dMllXjPztkm0teM8+wOzJJMXDqrcQPuIzUenepggvIjUy5dZXHSdtja2Hu11wbIfl8lrn9GzGmUXf+nP+APWTAccmRuKnZiWq0+DIszrNeUl04mC1pRFOGV0nEBzjTuzKkqcgfcSSEzngQ5egQS6pdsXgyrZRrYA5fOwKsmXlwNS9+y3lbLs0gsis6Xi+C3FX/PvSI1ueB91zUT5XYZvRrrU5LYG5lntoYjF/8sSpV7ZFgTvIIqQkmd~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Max-Age=31536000; Secure
bm_sz=0B6994A2A4A0A3BBF536864A32536624~YAAQlNAXAguL4XaIAQAADRSzgxPnzJ42KdGoqs4I8qx1hXNItpelBjakIGiUfzl0N0Ba7q9HKqi+GpxZDTsj50YmFrO83rKFf1ZZbwOITuwbcy/P4/mFl7NCP8kWZgfS+yDKclMsverowy18ijfmZ+xSs9jmVlFGAEvtrP4xUWRb4fYlTJOyYg3RWD3234cLQIIg64fzJs4cW8Svs1shsSWugR+qm7GFw8RVI5OKEUdVEu2Z1Ufx7KFU4hpcwUvQc9+c9stJHto2thHLK1ooumce47JWIr2teIwQP9lPZrKB6BjhKi+N~3682865~4343110; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:51 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12434-43317
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
95.101.10.136200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ro92+e7t6AtfjZ6vNY+OiA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
95.101.10.136200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=dVPxfhaMfpDRchv+pLTM2A%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=lXlKEawXdev16hKpX5zdHg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
95.101.10.194200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=tYoo8UY7pnTRbyI+s1Zm98VC7YCQQiD+B05oVIpFC77t7hHFkbTvQjEoqRZBYddB; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=2XEdC4jBYjhDzrSNk5+FDA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6zVK7R2B7aWQZKKL4SxpOw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+WFrLWcug7lNQsVeJAVdQQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
95.101.10.194200 OK 152 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 152 kB (151479 bytes)
Hash 09ac17daa832c8a16c97916a6e7bb94e
422f4d83aaabff70c0e1c6244e461c2586aca205
5cdc1feb9601c4ec241d870f0f86fdaf6d3589a1f85493780a2adfa776f901a2
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:58:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=Ay4Ts4OIAQAAa0Fko1e0uYDmXMCHAkRpJOMgI-bMa3pd9dudZw2q683GyJ3cAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|aaac73835a4e026786f3cc43aa8a1fe226250c0c; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=GMI3iMf7B0A3dLXmxUxTvUkdDHbgtVQkb0jFWlJMxrU%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99%3A0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pv=2&f_cls_s=true
95.101.10.203200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99%3A0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pv=2&f_cls_s=true
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 396caa1abae14d9f8d096e35dce58ed0
0468e09114d48e4c2690ca446b337f6caa5c2194
17c015e40361fdde9ce24009bfc1bd4f7881ca47f9b17b49fe98c27ce4491437
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99%3A0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1141
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; Secure; SameSite=None;HttpOnly;Secure
_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!JGm1Zi9d/Tm2cGbpnNE5eVRfS7HzY7OHyGFytrwjALtkK8lYdJsBb91V3NtLhpJIWe670zHT0oDTSQ==; path=/; Httponly; Secure
DCID=DdCyN3Gg3JjOmWQYeYNRYztsVhHkYHYg95FBmsYeYQS8CGOxisohq8NhkHLysnvH; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/jsLog
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-43b4d350-53ca-4d8a-abcb-232705ed3d7e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:156; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9184ac3b-dac1-4946-a8e8-c0eac7c40c99; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9184ac3b-dac1-4946-a8e8-c0eac7c40c99|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=7BCED7488C67B0596F85240713E3D5C1; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603165851531711307; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:58:51 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:52; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:52|d:1; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!JjU60Dct92basgMMntjHYqEj2JIOPNZ46hFq8ieS/RmFWOtHwyoPJjiiy8TH3DHG6dDRIOQKyncizKw=; path=/; Httponly; Secure
DCID=Wibg3d4NhEZatz%2f8Vovy4iCTPZQvUlTg8hFdMRxp4nNApYI3huICFqfZaBsq0bfO; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
_abck=82197B3F198B05A7D791238D8A3D9F68~-1~YAAQlNAXAg+L4XaIAQAAYBWzgwq49JjEZ7QaTsXCp1DcsIOuKPeEzMV77F82pRPgSLlNC130v9Kz7xb0XrPSjkP0ZQAr9QZM5kwqPbuWltLrUceAxTDDmq27/hNSk+iFhSeiD0IoxQVOQWgqBy0a1kQ2QiknPmLQ9iKWOzIHVdN/RQ6N8UFA7MUNNx6kK4goJ9w+KL5UnxuLrgg+g7/Kdl7qKXTJahR0DIIuNmg+e1JXfQkKiGecGRf+c2ed4mSA3TBXEzRLDLTwgCwlsPCNtP5vdqSxLvvwSX6HSFlH1EhU9Wz12fZXq/nbAcIKtSXNonAejffhIQt+DAeF8UGhg9WdtzvGQpua1pNoiSmfVjI0Wb5jecPo9QXbk4xNrUJE~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Max-Age=31536000; Secure
bm_sz=2BDA9BF8D4CEDBDF2D6647ED1C46AFC6~YAAQlNAXAhCL4XaIAQAAYBWzgxMxLZAApNJr5Iy54hPmsPZiwuyBSu4AjV9kOrN7NgTIK/Dz/EX9W5uo8oAD7Z+1CidPAt1R5att1/3MVPGdYFurK4ABL8vJayqPX0ni7RRrnob4CPBomGQq0Jibj54gItpXlGv2fgUjgqqKiIBCAS6f2zry4mMqmmbPi0ShGUycCpFNJagDfIiq3fCSQ9mwD+zs9A8hPUowIicF8kCPFFSy1iujKLxuFPHebi77JaRjMNjqzcK9bROjMb9EdBD1McMqu7Q4WL4HLFHdATYfVI7zpcGl~3682865~4343110; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12434-43325
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731072&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731072&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731072&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=UJvihr%2fb6jm4LCd0tVxggT2GY%2fW34T2jdDYvSpc4%2fekdONtZrKVx+%2fRScd4mm4Rw; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12487-30404
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Sat, 03 Jun 2023 23:58:51 GMT
Connection: keep-alive
Set-Cookie: DCID=BevyT+pe2VVsLw92blVuH70yH9iXb7TBaTqPjSJZP3WtkxPyvyCzesq%2fqldVjFmn; Domain=c1.wfinterface.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2441), with no line terminators
Hash e53693902fa5fd34d3e55d7d041aa165
8ee14e86ba0101e82bcfc0f1ad216aeb8d1c4ee3
72714135da857bf538dcff7f3b1b729745d365b1fb1188a0576a9e3650a10d63
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-7c249a13-2ac4-4125-9583-7f4a20083041' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:156; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:6d239200-581a-4b98-b48c-86aa4e93f1f5; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:6d239200-581a-4b98-b48c-86aa4e93f1f5|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:54; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=AF1DD7A15D46A01B54854155097FA998; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031658512025251220; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:58:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!b05FdeOSUVcgvo4MntjHYqEj2JIOPChtbsrW2Y7//tuY7fB47BrthsLMmNnQZ9iNz5+2rdBZ5au9KTc=; path=/; Httponly; Secure
DCID=GDHettCw%2fUFpBPTYi5XocnQOR+8ITynG09WICn1B3l56CH5sjtPvkFo2bsUASmUm; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
_abck=524BA1B7BD66E8BBECB6DA8D4690B595~-1~YAAQjtAXAlDfSIGIAQAA+xWzgwp/47PutYZyem4yK5Lxh2PUv7F9H2sIb6Ak+TWGdelI6kEpg8+WjNkqM/91L/SzIQrue6kdCH22lrLkvgaYMYAPjlWOrQnro0US1RSQh6PGm69zDwXSDUxXu28FA2lX3vajeUk9oQLyEajRKhVnR9xLTVGQsFkwimToTxEY1d9G0qvkYbiAsUdrD4wOE1u30O8ntcmcS9UM8e3jDXzkDrx7NJAj8+OHpyue7OmbaIAXYTF2wVabIVkD5k7iUMxKsTBwqKyUw26MEKRFnfAaKI/8jh1Gmrg41bOgwaLqWUFNG1rfvTrWErRlgxHgG1pP0O/ampCip6IN/ioFsjueFv+UIHGP6IjOSF6xqR/s~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Max-Age=31536000; Secure
bm_sz=6C7C32FB0648B0A2CD6092F7C2DCCAF3~YAAQjtAXAlHfSIGIAQAA+xWzgxOBrMQFBAUK8h0AWslZ/tQ96dVVRssYRb9jt3TynGFK+dvQMyuBJmY/3UXpPH/DClgpiIJxMvkvyWj8JwJ6GZodS9BJgj+T1OBcARLfBCOu5w5iih2JCnfTc5CeUVWjqtpcYVDgLjjuMDMBMZ5EBKt9C1qVaTpnFFFQ4nDMBvHvO5JS6Gxedl+KXaw0JMbrDyt+JvB5X0jBco5YnPAw4k6CSVo32fdG2GlkengokGrcDiN8wBbkiA4BFEUGpheRWUmqBFqwM4Ob4cnemTbjJFi+tYqO~3682865~4343110; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12408-24140
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731230&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731230&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731230&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:51 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=wGXIC7v6uU%2fJLzri9VJf6PsTOTQkFKrrZGbZrMfyK31gpzS2Ps6uP+EXhAzGBBie; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12434-43329
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2442), with no line terminators
Hash 4a62145a050e6ac2f02aca2082839399
2025cb23ab8d41cf51137df063ab9a30331e8ab7
805cd82c3e2ef64e630eae847c9a12c7807ffc8744294971dc8ace73ae73d21b
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-7d8d8aef-c22d-43e5-af7c-64815289818a' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:156; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:926a983c-8f2a-43dc-bc38-13ea88269ffb; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:926a983c-8f2a-43dc-bc38-13ea88269ffb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:62; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=1F1334798C18182AF19B835001ECD941; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306031658511276591729; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:58:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!qpYvv+UMw8dlTB/z2xKqB3cO2dndHlv3W3hlq6U6F0JmrERO004xWlHHrFtA6CgDpxBW7NerdFag+Vg=; path=/; Httponly; Secure
DCID=K5WhGev%2fCc0asJK4W+PsW2Wns9IXPpEDROSsUyFfn3i12N+qw5ilBOkQ5HCbFPlp; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
_abck=AD75D44D6CAB6149512B44E209D92BEC~-1~YAAQlNAXAhyL4XaIAQAALRazgwpZdmRAUo8YRLSq71dy0Ym7yuqyPsZ/I2cj9Hib5Jy2O6FgtJO4Usiipf1MvN+3Qj3vncUFwG7KLglDU4s+0u3VZ8CjcZ9D6tttKVCFBH/Qw0rjGTYP3QZH+JyI6wzZNvkKfn3nlo7QKjFbSaAC3evCx1Pu0TGVZ7fVZTmoym3DenNPtK4A5CylIFki6ibSBkQsCuffxdpUwvWR1g++YkFcoR9TcJsMRCqi3QeDwVEJlhH6JR1lsA/ttAUwYWRc1O/xuC2Nv/YWksCO2MZsWMh8aDvFL/hk63dOy6312WD4Ml3dc++Vy+92bTnMLPb71PM7hevvTG7OGblyjGRCkm2zrGznJwUeOW1w8vTK~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Max-Age=31536000; Secure
bm_sz=DB4655D17A462730546C41A06BC05AB7~YAAQlNAXAh2L4XaIAQAALRazgxPEhadNda11L08WlkcQA091qyU6jsDVRQ3/6+/K1MTOoEnHKN7TnvaKrBR1JxOAMT4EAYbp5J1He7ntsLF+S1HD9KFbVT6pjas8+K1dYiYN182VQD9JGRrUBq5L4fAan+o5Vqrem+oDMZZ0FPrw3fM3PrhgGTrMdJCWg8UYBueIKNhpHptIJ47vrgdrKo5OExnyVKgNqabswy+Dj1hYjW/XtZhWX38C7lLoAUXi/kgWV2oOTWc8ZMDzcrkcx3mw0h/BltJKAUooFg47J2+/xxZ38Htc~3682865~4343110; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12520-57180
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 942 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2361), with no line terminators
Hash 49789febecf5a8ecaa0d096e0f72a467
80fa491275d6a2250c2e1048f5b1b99c17137ac0
619e0dbed94b067d411f189afadf829d3dd8198e2a79c32130aa0f5fdacf7b74
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:51 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 942
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-acf64fe8-8715-4119-a1f3-de55c44b8039' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:156; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3ffcfbdb-3f0b-4efd-91ae-7f389cf19fe1; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:3ffcfbdb-3f0b-4efd-91ae-7f389cf19fe1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=D5E14B420FBE6D45566CC785F6B68E81; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603165851667030994; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:58:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!qx0vTSXlFc9+8F7z2xKqB3cO2dndHtkOEukn6D1uQrXvjs2GbTiP5OF6R5x2dtnxk/ff8rp4O3ecEsI=; path=/; Httponly; Secure
DCID=8WGkaXtrqjLEfBWx%2f0Mq+I7lt1TmD7aX250Nv%2fyXgxqBnkhKSC3usOO9dV0Ss7cy; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
_abck=07A5454670D9CF25EFFE6A18E25FD005~-1~YAAQlNAXAh6L4XaIAQAAMhazgwpLsiNDT5aqyHZlRBKorxxj4Zu6NDZ/XqXHijq8HAZRUnktpsZkXOttlNp6xZQ4+1iuwAu0g5Nwww4juFe3XQo8qbVF1Kl17YpDAb6tY8YRjpwqvY85Pg09AOcyPiRMbiB5wuWQu5fEuoHhci/Y/XyvWUhMSZ9GDmdbO7UZ5yYSGdPQIC3mZI6F63nt5NAhSNCrVbSuX2r56DkNLFtGY7JmGKoWUJGHKhNCvpP52mqMmHYePiIKMnvfympkekh+0myTkf/Y1Kt/Vc9Do1H2RU6PsUpuKCpBhRdmrPcxXUPD+RFEQol5KQCM7JArVJP+6Kcv3puqJBz3QFuZssi20rRMem8x+5AQA/Bmz5+w~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Max-Age=31536000; Secure
bm_sz=A3ADB16DD8A24D90B54986BAD2E1147A~YAAQlNAXAh+L4XaIAQAAMhazgxN8lFBvG7Y2tc0xmtSJWNGsMRhV4Niu5WhdBnA2lKpwyVq4Z/ekRYKKCFSfUEkexIiyUo2808gURBm7vtxu2AcK8aLz/zfZUFudPdUXzMq7roY0lsGADK5l8rySRmfoqn/QnMkrxWCtrRssCrIJScwnCD6aBNmRm9OcYk5NJs2zrKogSeCOYymmJXVcqfFWh/Y+dhPYTl/qbEdXWVhMH6uPMExsLZhSNd3c9G2j8IIiAVCmsOtQooyp1c9gFBEef98eEa5kOiG2HRLXxERh+V9ZBJuX~3682865~4343110; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:51 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12562-29222
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 968 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2435), with no line terminators
Hash 621e7c81deed367639e719b1dbdb5b89
af6120dc5e980434f65b4a0652fe32a6e3035822
0b2310ecb516d0e13c7fa856cf83b7d4ec1a90c3570b6d535f82d05e86920504
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-687586a0-7413-4bec-a849-90cb42dca16b' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:156; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9808a318-14a2-4052-a23d-a7e70a4ee741; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9808a318-14a2-4052-a23d-a7e70a4ee741|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Sat, 03 Jun 2023 23:59:21 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=25586BEDF45355306F5AAADC6E3E001C; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sun, 02 Jun 2024 23:58:51 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230603165851469048835; domain=.wellsfargo.com; path=/; expires=31 May 2033 23:58:51 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!3XsHFylg4oENmUHz2xKqB3cO2dndHmaqPrvQgBHNoRhmh4xk4yyaxk0YScytSQwfIullCjzO0xfvXg==; path=/; Httponly; Secure
DCID=bKMn99M0j4pTxf1vjQ2PCsAxCuOlSEOlMzXYW+qYG4UlHd%2f36LaToVX3DjoGqM%2fW; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
_abck=0B500874AC3A9EEDF1C339B08191F958~-1~YAAQlNAXAiSL4XaIAQAAlRazgwrdWQtVZUsTSZlbbwKZVgvG9qaGPz4/x7jJ8jviv5caPCtHmesZLaCIRU5cOocP1TTdBwlUoBTngnfIPgc0Cy4iT4Yym3XB+YnIn66mCxy8QwvU/jBSu1V95j3cvK5uV0LWinDP36wVGXznva3lqNybf6Kz04e8dY1Qchr+U82itENCqDajuDq5FSESZpZtk1BfQ2WNJLySczQAchtvHy0bzPuqF0pAUdgDHZE6IlCNhrFNOJ7IJT3xyJGkbf07R3ONPiCizf0e6KhjPOQFsB2WBKQS8TAMmfnNnj9K486QeVdO1QfPio5LAd+ZC30lmRi8jobWq5mtL1JDMNECC+0uoDdn0GgpVj7Oinw4~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:52 GMT; Max-Age=31536000; Secure
bm_sz=FF55D447984E1C59871173A17A5908FC~YAAQlNAXAiWL4XaIAQAAlRazgxP+vVMAa186RlrbIfnvHo2mk0R5O5LmsRZ2yvJ14XPAirH+0LrBpXnuvovTO/eJ7f1tvcB8rdhU/6fHqgA6/cHKr8AtKDDr/9njm6CX6mBjgfKoDj4NBZczzr96h08R/LMB9F8s+TGz+kxdkFApQbygQsc3LRzaKcf9DH73J6crHSbnPJ8Y+PckZyuNby3bGLEbYoLbI6S6/A5/iTphANhkaTX+Pt1vf8eUc6Xf4lCegmidj6mk4WAjGO52gHmIjPqqCP2ZI20z6doMk00NlwFM0udx~3682865~4343110; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:51 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12487-30408
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
95.101.10.194200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=P5cALo+NYT7kgFJ63QItv9ypxXqAeT+Q3zc9meDn7N4%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731238&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731238&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731238&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=SgySRWoAmpPI3yceZScEczm37WgWZH5K5oucSg0FEOFgxiQtm8HLONfxVFt8Afg4; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12408-24143
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731234&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731234&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731234&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Pj9tEyTbSPXj+6Ubt8WVPGdhmNrSeVUWG%2fSuhPfq7S+2viJNurxkO0thBp6JFl5z; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12487-30409
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731243&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731243&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731243&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=vEl11Y11jydf1KA4my4%2f1Tlkh0ahl0psdRdQsKcvjASfNi5BJ4RKFpOfbzfRNy0X; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12434-43333
c1.wfinterface.com/tracking/ga/ga.js
95.101.10.106200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=yubFGb288PT3k0jDBoJ1XA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731249&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731249&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731249&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=0TKTkeYGkNI1UwIJ8jBtdKuPlhhopHjPzSGj%2f7keCkm3dZ+Bm+cAb6CVIqkrfrxS; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12520-57186
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731251&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731251&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731251&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=igrV%2ffYH%2fioGZPqYXMGzkDcaXz8vfj6zSGrW8CNXxvY2kWUBrYEQqZT7ZsJqJcIs; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bb_kf173_12562-29227
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731256&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731256&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731256&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=7Qyq4LRQZ+HzjMXKPY0yanTALrcTN2hemwmz4bYTqgMxEk3JkR1V04v6LhaxafD4; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bc_kf173_12487-30416
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731263&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731263&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731263&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=SSA0QKxRYKNf14D2s75%2fkqQCU7ZbwH9M+NS+imHqGuehImqrH5PoXOc5r8v7RDPs; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bc_kf173_12487-30417
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731258&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731258&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731258&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=caomBtMyBJG+6pMngbpKsgj0+oEHuyl%2fzL5+RwuY4wLV9Td+tFDaiY71At8+BxcQ; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bc_kf173_12408-24146
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
95.101.10.106200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=G+s%2fotRgXhxvTh6sJDAjTQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731266&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731266&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731266&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=MUy1P1icQ67zIJI0UIss%2f0J9hHdaZPvPdOzdj4nPUU8FalqmB+QSHiJlfUr8vPZt; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bc_kf173_12434-43338
c1.wfinterface.com/tracking/ga/ec.js
95.101.10.106200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=kYBh2XbLvpGKaWsAd4NrVw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731273&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731273&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731273&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=R2o+JMx4n4QH3GhnuTaHaQtV3o7nhI96p3X3ya4etpUNLKQDjv0cmn0PJCBwNEaR; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bc_kf173_12562-29229
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731270&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731270&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F&cb=1685836731270&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; ADRUM_BTa=R:27|g:ea34cc5c-2641-4c38-9597-709bd2cb4934|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:156; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Fri, 02 Jun 2023 23:58:52 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=SMTZQT+LSVPqWrhNlPnmknNhnEtJg%2foNSX5mVTv4P6DJ1DkIkPzFjLTqnBRLlEtI; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bc_kf173_12520-57190
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=1&cfg&pv=2&aid=
95.101.10.203200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=1&cfg&pv=2&aid=
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 396caa1abae14d9f8d096e35dce58ed0
0468e09114d48e4c2690ca446b337f6caa5c2194
17c015e40361fdde9ce24009bfc1bd4f7881ca47f9b17b49fe98c27ce4491437
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2802
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1141
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!O6bOnBwspJrtpPrpnNE5eVRfS7HzY/Kdr556qh3x8zyvg1Wuh1RtqNTmoa6k6QFWjp3vSlQaBZGpcw==; path=/; Httponly; Secure
DCID=zRdbL2bkgTdd%2fCJAngRHRUiSDpX4eOJentNloz9%2fUDE6XrFouwAs4V95wbcDVKZx; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ort.wellsfargo.com/securereporting/reporting/v1/csp
95.101.10.185 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 95.101.10.185:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: db429a2b-867f-4c74-43f3-a3d60ea57d46
X-Xss-Protection: 1; mode=block
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:fb4e9d58-d859-43c9-9a7c-818e17d12673; Max-Age=30; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:fb4e9d58-d859-43c9-9a7c-818e17d12673|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6; Max-Age=30; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6|d:7; Max-Age=30; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
DCID=Qb+iI4iXSgVT9q4vWcR71DRVWc+iLearCYflJpU5IJY%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
_abck=1CB2A249F24021404EDEDDADBDC31DE0~-1~YAAQtQplX+nIzHiIAQAAIBizgwraqcIHgbItOEYm/sCWbjhXw9w7ChC+4UjR9LlfDOHrfeVHNaWYRDU+WzFAegQBxZ34ft3LRC6NYOFXJBDs1mjRkh0yYEkWBRz1lwx2EiJ7qx3D3hAGvBYbNKqqwNNq9iGli32M5hZKNB5NvsZybSnP5OJKk4pXEzkPCDO4rX06GrsdNViJqz0sKVFw1ikgCBj+RbP98oAFyQh3K5V4rNlAPtXLIuSZnj+dIRw/ym1unzvF0BE/KFzuhA7AYavTns/bYaGTeF7QBuv4hBgkNirWN3m9+nyPafn7LL/gOU6negQWn3oRktC3vmvHT24ijafUrDtH5me7RxWHSdTL/4L2AvsdI7Ax4wbJ4/uY~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:52 GMT; Max-Age=31536000; Secure
bm_sz=397B4B8EDD6E15687FDF1DCC129A3388~YAAQtQplX+rIzHiIAQAAIBizgxM2OM6xR4ytsewWwuv3sbUdR4oec6oq286FZqCQP9fE6AKQYpUj9OefpLHyIIYZX3HhTGHgFl0TFf5hqqJv5yr0eX8TKNII60nLmtMttGMcXgwBbFBXL3QS7aZ3EUrGjaw1dGRJP5Wd8PmidNlWjHDXpEHyt7gAV9bsJpy/KmjPUTvKsvYm4dXk8NFyZVhbBVXrPn+wVP7PbW8LO4cy3KHqRZ2c0SKeaW7vI4mhG6NB7P1W/nFSJBAZwIxmDsm44ctvisOLS6cWgDGycDHU4RbSfIg5~3622467~3294265; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/glu.js
95.101.10.194200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 43119395ff10840e4fda8cc0422229c4
e92ce9242a177aaa257a382d2ec29c69e8509992
cc9783f2dc31d075ba0e7bbc6444803409def24cbb72370ccf829a3c94539c9e
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37178
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=SeqJ3kUfXzoFzjRkCo56QbL8HBTXG511VVIMa5Jz49Y%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
95.101.10.194200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash 7791f2ff84d154b46506d913f30ee929
9e18863d3b2ea86b34d1de79e1f236d77a8f4d69
c4c31fbf39703dc8526397be75fc9c4d4569b93889513790794f5794e272fea2
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17863
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:a12aa394-2ebe-43fb-871e-1b6fbd46575c; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:a12aa394-2ebe-43fb-871e-1b6fbd46575c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Sat, 03 Jun 2023 23:59:22 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=kuus5Pbuhpw19SZe%2fWqXDo9GqSaOpcmYP2lv0ZO7NkmUd3MUrZWbyhElY4OVbCJH; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
_abck=2E614245B75F848AF787E89BB2D6C026~-1~YAAQvgplXylqE2uIAQAAfhmzgwqdwlBQa3oR1gQTHOj3FUpeh6I03CBvMWtQ15DFF0xrvdFb3xcS8MTDiuH1fQcblQh6VXHliLFXOKCMCsJPmHs5nMZID4WSLLPekRz0DYCncjO2YHCaPlZLsF9QD1J7XIlneoPRzmG48/YVpnG+OlEfM2dk+C1ePF27drc2GM7aybxFg32VjJbAv31wglWvA00SH7oTnjbjVbNfOovVOuSyiYGiBp9oG0HjBxLInXSzFFL9QCrtDRlSpKqfGABqu7BwXmJqsfSkEFk/L7K8AVyYAzQJly1tyUVIyRa4YJJbbNdLMBNFwmcxkynJsqjyx66hHD0H0t5pLcz7fJpAgvf3SjmTzCELmpKooIGG~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:52 GMT; Max-Age=31536000; Secure
bm_sz=512A4A8A55D05FFF76738C71129DCF90~YAAQvgplXypqE2uIAQAAfhmzgxPGTCErneDTfiFXrNK/CWodCjNsQDLAJcPC6XyKlwA0mo9AlOS4PyYVrmHsXrwLgZcLKKIx/KBV9r5e0/CCe1Ebs7gq0HAyEF81YiPvHbImID666LPackz0ierisjDCm3Fz/4DzewqhHJ3P3SgstMjgqtytsethLe4s790BE2vyOsMQB8ytxjVwPlD565925QbAvbqsIl9zQaT47DSxJynC/YFEYqc1HceFuTushjbN1z3f1Mtag4tPALAEuK1fOsN1kTsWcXg+BQOZT5eD9HXSXU/S~4273204~4536112; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBkejF3WXRHRnd1TTFGNm56VnlNQzgvMGdTcU9PTXRVZWhHbWZrMnVTdzNCWGR6RFc2Uy9lM3ZHZ2VrUW5QMWxQeWthTHRreHlnbkhJU2VvNW80ZUR4QUhvdkxPczlDUm5JVGtWZzUyL2I2eldtZm1ndURqMlJPQitxaVNMVW8xVDVWQ3hQQUhtZ0E0WjQvL3ZPYUFzWERmQ05uNXZ3QzdBZWd2V2xtcHV1Z2VHaTVRS3RXRjBSSldjdGJwMndTb0dkdmFnQVU4bTZlaE9tamF0Uy9KenpWcll6Wk1ETWI3a2lsNCtJZmJLMUV2dWdtT2p2NENjb09GNTNKQzFrU0w3cXNXcmxkUllJVW1lS3lVSzdEckJuVUJ6c3Y4Q0hVWFh2ZzczelpvPXw4ZjZjNmY3YTY4OTMzOGI5YmI1MDMyOGZiZGUxY2NlZjEwYjRkYmYyYWY0Y2UwYjhiODZhOTg2NGFjMTAzMjY0YjFlNTM0NDY3YWVlNzc3YWVmMjFhZGNjMTY2NjU5OTZiOTI1NTVkM2ZhN2RmNDcyNGQ0ZGZjMDc2YTFiNWE4YWNjZmM2ODQyNDkzNmYxNjhmOTNhOGU0ZDcyMGJjZDliYTg2OGFiMGE3ODQxMTdmNzBjYzIwMjU3ZDQ1NDRlYjhiNjdmNjVmMjE3ZTE4NTFlMTVjNjg1NjA3OTlhMGQ0NGIwMzI3MmU1MzU3NmM2MzM0YjA2YmI4MTA0NDZmODMxYzdiMzhiNTM3OWIwYTY1ZWI5NTI1MTk4M2NmYjkxNmM1YmY0YmM3YWY0ZDk2Nzk4MTMwZGM3MGZiYmM2ZGI5MDI5OTVjNTIyNThhMzgwODVkNmI0YjQ2MTU1ZDQwZWZjODJiZDgwZDNiOGM0YTBiZDkyNTdmYTgzYThjOTkyYjdjNWMwOTUwYTNkNzdmYzVlMjgyY2RiYWQ1ZTI1YWVmNjI4YmE1ZTZmN2MwM2Q4YTc2NDE4ODMxYjE0YjNmMTc2NDQyN2ViMmQyN2MxMjk4MDM3ZjRhYWY3ZTQzMGU1NmYyMzFhYzc5NGIwNjNmYjcxZTE1N2EyMGU4ODI0ZGFkNXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com&t=jsonp&c=a_oycpbnkctselhl&eu=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F
95.101.10.194200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBkejF3WXRHRnd1TTFGNm56VnlNQzgvMGdTcU9PTXRVZWhHbWZrMnVTdzNCWGR6RFc2Uy9lM3ZHZ2VrUW5QMWxQeWthTHRreHlnbkhJU2VvNW80ZUR4QUhvdkxPczlDUm5JVGtWZzUyL2I2eldtZm1ndURqMlJPQitxaVNMVW8xVDVWQ3hQQUhtZ0E0WjQvL3ZPYUFzWERmQ05uNXZ3QzdBZWd2V2xtcHV1Z2VHaTVRS3RXRjBSSldjdGJwMndTb0dkdmFnQVU4bTZlaE9tamF0Uy9KenpWcll6Wk1ETWI3a2lsNCtJZmJLMUV2dWdtT2p2NENjb09GNTNKQzFrU0w3cXNXcmxkUllJVW1lS3lVSzdEckJuVUJ6c3Y4Q0hVWFh2ZzczelpvPXw4ZjZjNmY3YTY4OTMzOGI5YmI1MDMyOGZiZGUxY2NlZjEwYjRkYmYyYWY0Y2UwYjhiODZhOTg2NGFjMTAzMjY0YjFlNTM0NDY3YWVlNzc3YWVmMjFhZGNjMTY2NjU5OTZiOTI1NTVkM2ZhN2RmNDcyNGQ0ZGZjMDc2YTFiNWE4YWNjZmM2ODQyNDkzNmYxNjhmOTNhOGU0ZDcyMGJjZDliYTg2OGFiMGE3ODQxMTdmNzBjYzIwMjU3ZDQ1NDRlYjhiNjdmNjVmMjE3ZTE4NTFlMTVjNjg1NjA3OTlhMGQ0NGIwMzI3MmU1MzU3NmM2MzM0YjA2YmI4MTA0NDZmODMxYzdiMzhiNTM3OWIwYTY1ZWI5NTI1MTk4M2NmYjkxNmM1YmY0YmM3YWY0ZDk2Nzk4MTMwZGM3MGZiYmM2ZGI5MDI5OTVjNTIyNThhMzgwODVkNmI0YjQ2MTU1ZDQwZWZjODJiZDgwZDNiOGM0YTBiZDkyNTdmYTgzYThjOTkyYjdjNWMwOTUwYTNkNzdmYzVlMjgyY2RiYWQ1ZTI1YWVmNjI4YmE1ZTZmN2MwM2Q4YTc2NDE4ODMxYjE0YjNmMTc2NDQyN2ViMmQyN2MxMjk4MDM3ZjRhYWY3ZTQzMGU1NmYyMzFhYzc5NGIwNjNmYjcxZTE1N2EyMGU4ODI0ZGFkNXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com&t=jsonp&c=a_oycpbnkctselhl&eu=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash c71440ba723e2363a29f6780ddc13e68
61a646e0837e09a710002796c8b1f7d8894b31b7
5b81cef210c578946e65fdb9f492b907792f89dde6727a5be3fc1ffbaf36d57f
GET /AIDO/vyHb?d=ZW5jZEBkejF3WXRHRnd1TTFGNm56VnlNQzgvMGdTcU9PTXRVZWhHbWZrMnVTdzNCWGR6RFc2Uy9lM3ZHZ2VrUW5QMWxQeWthTHRreHlnbkhJU2VvNW80ZUR4QUhvdkxPczlDUm5JVGtWZzUyL2I2eldtZm1ndURqMlJPQitxaVNMVW8xVDVWQ3hQQUhtZ0E0WjQvL3ZPYUFzWERmQ05uNXZ3QzdBZWd2V2xtcHV1Z2VHaTVRS3RXRjBSSldjdGJwMndTb0dkdmFnQVU4bTZlaE9tamF0Uy9KenpWcll6Wk1ETWI3a2lsNCtJZmJLMUV2dWdtT2p2NENjb09GNTNKQzFrU0w3cXNXcmxkUllJVW1lS3lVSzdEckJuVUJ6c3Y4Q0hVWFh2ZzczelpvPXw4ZjZjNmY3YTY4OTMzOGI5YmI1MDMyOGZiZGUxY2NlZjEwYjRkYmYyYWY0Y2UwYjhiODZhOTg2NGFjMTAzMjY0YjFlNTM0NDY3YWVlNzc3YWVmMjFhZGNjMTY2NjU5OTZiOTI1NTVkM2ZhN2RmNDcyNGQ0ZGZjMDc2YTFiNWE4YWNjZmM2ODQyNDkzNmYxNjhmOTNhOGU0ZDcyMGJjZDliYTg2OGFiMGE3ODQxMTdmNzBjYzIwMjU3ZDQ1NDRlYjhiNjdmNjVmMjE3ZTE4NTFlMTVjNjg1NjA3OTlhMGQ0NGIwMzI3MmU1MzU3NmM2MzM0YjA2YmI4MTA0NDZmODMxYzdiMzhiNTM3OWIwYTY1ZWI5NTI1MTk4M2NmYjkxNmM1YmY0YmM3YWY0ZDk2Nzk4MTMwZGM3MGZiYmM2ZGI5MDI5OTVjNTIyNThhMzgwODVkNmI0YjQ2MTU1ZDQwZWZjODJiZDgwZDNiOGM0YTBiZDkyNTdmYTgzYThjOTkyYjdjNWMwOTUwYTNkNzdmYzVlMjgyY2RiYWQ1ZTI1YWVmNjI4YmE1ZTZmN2MwM2Q4YTc2NDE4ODMxYjE0YjNmMTc2NDQyN2ViMmQyN2MxMjk4MDM3ZjRhYWY3ZTQzMGU1NmYyMzFhYzc5NGIwNjNmYjcxZTE1N2EyMGU4ODI0ZGFkNXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com&t=jsonp&c=a_oycpbnkctselhl&eu=https%3A%2F%2Fwww--wellsfargo--com--nf49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=y0ExVYTWGAzt4XEyfk4Yebeom1QfsnGF21XalaKI27+Lo7Am3HomuzewElFhcMH3; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
_abck=751828640FA1A6E1B406E9129CD57AA3~-1~YAAQvgplXytqE2uIAQAAMxqzgwpymer7k/leeqnCFF6wDsRBfJZG0OHhJjaSyKcKNIq6Bk+jlusW8GksA3F6Cdk0twVtyOC1e61o2QZauwyvJ9cM1qnbz04D8aPti8wNde1Yws+2Klsg7CKHdj6BxJhkYYSo0n4LeXNrd52fwV+SjKpBCC1THESMzwgBl63ECmet+o6keqHaSTlDR7LbEnzPYVJ9fSYEsFAaZrjUAIUojj+IWbIaUu+ZnxpaI9sByWJniIoiqY5eJ+IKiDn+75OEBQ/U6EyzjZztwZYQ27xz0SaI3Y9ImesGl3Azw5H1v3rtBaCYeunU5xWrk16wcY3R4ySzggM/Lqvy2eU+sa7MNCmDRmvzuLa/BJtJpsF3~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:52 GMT; Max-Age=31536000; Secure
bm_sz=B707A280ABB65864E18B1663A4919063~YAAQvgplXyxqE2uIAQAAMxqzgxPYfRjZNvAj98j3O1sCj2/DJIv2y4lXyTqDDy8uIJYRNjj7vqgANHSR6O5FV5yN4lChrE50ZE43tKXpgBZ2MVF6/+eMcdv/scQ4ggYyIu/02NGqE2g1cHR1/3i72uh7q1EMPSmBW7NgnY3zcBAFUlNB4Fkmy8xCCxH1PZxCJrrJn371Cg8RkPr7tmVOAiU701tEYGQaNeRT6ERy4uhgsyiLkJLSfo4D+MKOm81s6thjky10fqz8/8RExJWf/RQwR6SpxDr8AsReirvX4d1k9N+XJp1e~4273204~4536112; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:52 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.4321007022041953
95.101.10.136200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.4321007022041953
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6835018ef54e13e3064b0842ae929c38
63afd104e7df00e575afdb22e6c40ffd50beb759
2db0188cf2859396f2df702ea8bdaf102e04802597a5bfd7b537fd352eee1c58
GET /PIDO/pic.js?r=0.4321007022041953 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52539
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:58:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=UIUqWnSI3CscBzjXkhbB8OIRbYSaGUw13bFQIDvyAgM%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 08016fd733669826b85b9b6d48099f5f
b6130b6cc09dd5e65e51639146e49b06843f06f7
d3dae04ff5fa2499c8a1ee9b637e8f0aa96803ab28e462daa652cfd0606ec631
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2044
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0; ISD_WCM_COOKIE=!3XsHFylg4oENmUHz2xKqB3cO2dndHmaqPrvQgBHNoRhmh4xk4yyaxk0YScytSQwfIullCjzO0xfvXg==; _gcl_au=1.1.2126315790.1685836732; ADRUM_BTa=R:27|g:9808a318-14a2-4052-a23d-a7e70a4ee741|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:61; _ga=GA1.2.327938286.1685836732; _gid=GA1.2.997034390.1685836732; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiSnpFSlROaE5GK3JjNGhaVDNDS3hXZz09IiwiZSI6InZLamt3Q1dQMW1zNG5xY3lDS090SjRHRE9IcVZiXC8rZHpwcVwvb2RLZ25oam1OQWxkTFVocXFUdDFOQ0cxdHRzZFZBVDdRMDlqMkoxZmdrTHRwUW5cL3dpUWkzVCs4SG1kOUM1M3pTSmdicTkwZVBpS3BMU2dtZXZ6MGdrVVBySVhKdEFsVFNqWkpKSU9xMWVHWmhqRkV0dz09In0%3D.46b2ef3e8d410cc1.ZWMyMDUxZGZmN2MwNTM5OWQ2MTdiYmY5Mjk4OWE1YWIyMzgzMjk3MDkwNTRmODJjYjUyOTkyZWRlYmUyMWUyNw%3D%3D; ndsid=ndsax6rx9ncr6udlignnvvq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=K+OXbvd8eEjRE0oW4wO5HQDNXp0JqdOOPz4N1PeEHcdM2Gut6FvFGSsZlJuHDqs%2f; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:53 GMT;Httponly; Secure
_abck=80E0524061A78D466FB4A1BCAA906CDC~-1~YAAQjtAXAq7fSIGIAQAAixyzgwo5BgqY4NVP09AYIp8v1yVfEz3BetewIeNRNEIJNbAHheTyiEm3NpDnaljV3R5SrcOuNGfmJvhIb1tuPlSyJzVaGuarD+mA6wixkv6+PB6Ym6JZRskOkS9/7sjhQjCXdAxe7IubV+6bIPWq1LsLcPMu4vW2wJTPxf2BZ7/WXqj0Vzj9O5t9w1ItutwvSkorLmaXePRWq2k7OiCTnqqKSmi+4eftYe8ki6cqM88J/O74bLYG6O6GTohbRBHbu8uhcaQ30R0TOXdXc8jo7VH6PBgp013AFF5ugKZpL8lq5oYEDIMY9pW4FjkxofwTJ1K3+Lec6LmBUXHyoDHMwZNa5to2r1tecHJsLx7ubsF3~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:53 GMT; Max-Age=31536000; Secure
bm_sz=BA09B71E6026B28F39AB1E6416EB000B~YAAQjtAXAq/fSIGIAQAAixyzgxPq1tXONPvKa5w1L+u/F6JPcdy9pod9OvCqntKCdVMneQkbDWp57hJu73r2jSo8ryiCPB8ccnm0TK0Ph7HbNDo8b1q48+4j1Rl78FnztY7NhKRraIjzE59M9hREMxKarPGtVdQfBue9yOMQpeyH9llR3LjFh/1plFAsnrzsRMkDgN+T3gDMrn7YqMFvVN23Jcx/NMdaT4E9X7n5BmW5CbJ+3V7OqCN57OUw5PZcWEZYXLbg1Xzv5g9FkF0lVsUOl+4b5DTLyvTDXrn06vRjrDC88xTE~4473922~4339269; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:53 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3bd_kf173_12434-43348
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5973519499544242
95.101.10.136200 OK 136 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5973519499544242
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136543 bytes)
Hash 032c804929fb80894d2c7a849a258d66
5aac0378a9bb462b8d70a8e4f717199a3b9df506
c959022e015690b55e574d43eef45d62e39af28d62f4dd90e4e4d8008d259a8d
GET /AIDO/mint.js?dt=login&r=0.5973519499544242 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136543
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Jun 2023 23:58:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=VZHaRyl+y3ahCRyOjet%2fVZPEaZe41nWr4MMb90JIpXc%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash de59966772cbbeca11eede27e7ae9d2b
93b6c41cb6380c28b78f6b5ffee44a00d248f9bb
3577486fa70d4d7609b235fe4e334af50035f830466edcfbca063fb75b41fbcc
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYN%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22Ab3Te2QAAAAASsd5pTcVuSg%2BMORGCzox%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0; ISD_WCM_COOKIE=!3XsHFylg4oENmUHz2xKqB3cO2dndHmaqPrvQgBHNoRhmh4xk4yyaxk0YScytSQwfIullCjzO0xfvXg==; _gcl_au=1.1.2126315790.1685836732; ADRUM_BTa=R:27|g:9808a318-14a2-4052-a23d-a7e70a4ee741|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:61; _ga=GA1.2.327938286.1685836732; _gid=GA1.2.997034390.1685836732; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiSnpFSlROaE5GK3JjNGhaVDNDS3hXZz09IiwiZSI6InZLamt3Q1dQMW1zNG5xY3lDS090SjRHRE9IcVZiXC8rZHpwcVwvb2RLZ25oam1OQWxkTFVocXFUdDFOQ0cxdHRzZFZBVDdRMDlqMkoxZmdrTHRwUW5cL3dpUWkzVCs4SG1kOUM1M3pTSmdicTkwZVBpS3BMU2dtZXZ6MGdrVVBySVhKdEFsVFNqWkpKSU9xMWVHWmhqRkV0dz09In0%3D.46b2ef3e8d410cc1.ZWMyMDUxZGZmN2MwNTM5OWQ2MTdiYmY5Mjk4OWE1YWIyMzgzMjk3MDkwNTRmODJjYjUyOTkyZWRlYmUyMWUyNw%3D%3D; ndsid=ndsax6rx9ncr6udlignnvvq; _imp_di_pc_=Ab3Te2QAAAAASsd5pTcVuSg%2BMORGCzox
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:58:54 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=JOHKmfJuXNbFn8ljBEFcgHu2GuHUGkJiglu9C%2fnZT8Fbbm01+A7B+SK5SL1Nd4IT; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:54 GMT;Httponly; Secure
_abck=625D69FCE7FE7ADD333E8FFC30791496~-1~YAAQlNAXAomL4XaIAQAAEyCzgwr909eioN9Xnje39jEEeryaYSZm44IhJmCH9XATEDG9LDFopmtTcrFPp1AyXsjaFC0OaaiM29tbv26Sz7q0JKwyaAvPmiadG2V0BDtDPYmJb3gHoYN4DusxFb/wfjJc96YT+YGpguW3qi4p1rpbT8Mck5D9idR0EMEgZRaAMEz8m68g/AoQ0rgXSmyru77ORMqlsE1DfBMkN4hWSWnFERnVArY6oDuc+s1VNcnWQFArEbLuLu+TOqZMM82MVPVx9oAZkUYWqWT+qT7CRcvKT8D7aryOtyWpKy+t4VY4GUKJus2uqEkBPMNWp7rnCkUzToqI1gr/FJ8b5OTHr7Z/1gUN0kCQ99J8amRyrRp3~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:58:54 GMT; Max-Age=31536000; Secure
bm_sz=EDA08AF3B046EBD9AB4369C6DB5B9388~YAAQlNAXAoqL4XaIAQAAEyCzgxOgkKPTb2+wBSZqW0spHK9+cQ3GqOYUMQlL6GY1mlq+tj3bN112kTsGUkWC8EJwOiKlX4nMZTNvkxPlrlF1h7Th9YcxEZkxF7v2AUt/6xg3PWR+WsMgrbhqPVYYIjvrpW69PExUBWxP3Ag9IUgwzs25niDlkLh5kt7aA40RmKY/lmOsT3NTa3RNPr+gSf+nWISE3d/NWkSH9E1WVm2RFU8n32Gg6MrhG6SdYqLfpHC7aTDixngUaZ5jH8JzqzNg16XLjWJ6UsPaF2MVJA/c8gc/4cUo~3556151~4469302; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:58:54 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3be_kf173_12434-43359
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
44.241.253.39200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 44.241.253.39:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 10445
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:58:53 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:1ff2662d-3393-447e-8c59-12fd81685343; Path=/; Expires=Sat, 03-Jun-2023 23:59:23 GMT; Max-Age=30
ADRUM_BTa=R:55|g:1ff2662d-3393-447e-8c59-12fd81685343|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Sat, 03-Jun-2023 23:59:23 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Sat, 03-Jun-2023 23:59:23 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Sat, 03-Jun-2023 23:59:23 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:16; Path=/; Expires=Sat, 03-Jun-2023 23:59:23 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
44.241.253.39200 OK 188 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 44.241.253.39:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00ca0d7136a8309bae4f643d4ea4b1e9
01c1fd3fdb7337af7d48adb443fb75fada813f33
78102611ec65e53113128fab60e970913a7ec0e4895f8d3146dda7fa2d0f449f
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:58:52 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=3&cfg=32a3f9ce&pv=2&aid=
95.101.10.203 162 B URL rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 8e5f16d3d099cbcba6c08e6cd2b38409
389aef816b287968cd6f0535587d97e870cbe454
abdf0dae581e41f673bce581f47498bad92431561b8d6610a496c1e06ed191a8
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50637
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 162
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:59:03 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!ph/7LKbM0wawF4oq/D2JHXmrrcNtCwNLBk/v0pZ/TmTDEroNENscT/uwN5Yu5qWJ7/CimTcXY25Raw==; path=/; Httponly; Secure
DCID=UDKqR6av8a1aZER83GNER+QSPUd0X0VRbPgmTFzZ4YO+GWeconr64bcMm2nhP8tw; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:14:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--nf49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--nf49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!91zb54ihtQc+HTQv/BdPMOHVwv+ySakkkyT9UPJ1gtIaQKMd3l4CHltnoSmtjM4OEDBiBb6vU3GT3tQ=; utag_main=v_id:018883b310ae003e796bf400763405046003700900918$_sn:1$_se:2$_ss:0$_st:1685838530856$ses_id:1685836730543%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUsaY4CzzTF8CmqxTzop%2BI2Urff6k7zjR8F6nmB0PM%3D%22%2C%22_s%22%3A%22RhsMFJYNjSrPdxnZ4CQFmX7%2B%22%2C%22c%22%3A%22MnpKbmN4Q1ZPT2pKdjVOWg%3D%3DhnofojVQ4E1b2ueSufwrPvPcx3mAGTAu-1kX6TG4tMcyuONSjuXfT3I5Hkv8ChNzYslTSeAMTox6T56yuurGY-7aTYgw5Qst7kY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22diA%22%3A%22Ab3Te2QAAAAASsd5pTcVuSg%2BMORGCzox%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22Mpqa6TIZt6YA4aIBGM6NnQ%3D%3Dv-Wsa_Hwc5u-lSmbOrS5uMHOoaseV2NpRhdhUq35RMheXIdIPw_QBWQyq16N3KfxWl4lbYpl43Crvji_-U0l93PGn69Pd_9kAjjqExmK6S_PVblzztLtwDOGQeTFGUec9AT2Z3cq3GHmI0XyMF_WjLKfQPuNDk-u7jh21s518hZ4H66v28Pw00oe%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAvmT6R2g03oD804%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C43248996435568849315493596534061531275%7CMCOPTOUT-1685843930s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0; ISD_WCM_COOKIE=!3XsHFylg4oENmUHz2xKqB3cO2dndHmaqPrvQgBHNoRhmh4xk4yyaxk0YScytSQwfIullCjzO0xfvXg==; _gcl_au=1.1.2126315790.1685836732; ADRUM_BTa=R:27|g:9808a318-14a2-4052-a23d-a7e70a4ee741|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:61; _ga=GA1.2.327938286.1685836732; _gid=GA1.2.997034390.1685836732; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiSnpFSlROaE5GK3JjNGhaVDNDS3hXZz09IiwiZSI6InZLamt3Q1dQMW1zNG5xY3lDS090SjRHRE9IcVZiXC8rZHpwcVwvb2RLZ25oam1OQWxkTFVocXFUdDFOQ0cxdHRzZFZBVDdRMDlqMkoxZmdrTHRwUW5cL3dpUWkzVCs4SG1kOUM1M3pTSmdicTkwZVBpS3BMU2dtZXZ6MGdrVVBySVhKdEFsVFNqWkpKSU9xMWVHWmhqRkV0dz09In0%3D.46b2ef3e8d410cc1.ZWMyMDUxZGZmN2MwNTM5OWQ2MTdiYmY5Mjk4OWE1YWIyMzgzMjk3MDkwNTRmODJjYjUyOTkyZWRlYmUyMWUyNw%3D%3D; ndsid=ndsax6rx9ncr6udlignnvvq; _imp_di_pc_=Ab3Te2QAAAAASsd5pTcVuSg%2BMORGCzox
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:59:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=V1QbTWX5Y0Yo2QrJrWVppDLOiksJGMdGW4%2fMHourh9KrThYnIPwomvsZdhYcVE2h; Domain=www.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:14:01 GMT;Httponly; Secure
_abck=6F65682C64AB9513A5DC61F128ACC90B~-1~YAAQlNAXAh+M4XaIAQAAwDuzgwqaFOMJgXjX4PmCHhfrSIUCkPeoiaObPtPCjtN7vh6MGP0DUlOhqJshlLYIozyW/oFJqKfsEAbBlP/xVqmSXBvtgGstc+yozvqDazKtscGLQZEvmW8jdHdiTtXQmsgUIpWW5KlTsuroSLNdgbgYfprCWyTtYhMvn37PU0IfnFoSIDmDD+1rvOZ94xIrBXhpWyoTPNmywq9HlxjsKM0SqYuf08tmk4HraOY7QDjUOLsRTTewupsaPrZ0uhcCv1fbIgR6sg5ChokWXQiy1k/UXOBZlOUY7d6g2Scnl87fjZCYbwwYthUodcjolTGvS8ObJtA6f2GhJBAzBhfuMagUW3S+yFuXU6218tBum6cU~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sun, 02 Jun 2024 23:59:01 GMT; Max-Age=31536000; Secure
bm_sz=748CFB0DFD2BD150FA199DCF1F513125~YAAQlNAXAiCM4XaIAQAAwDuzgxM6aXUAZC44jAXhjdPwSYxACxc0oZt3YsModj5hzG20vVZZ81wwr/tsm9iGQPUfetWdTheXmBKHs8ZCh3o7shKQssdjs9mxjWjT4qs/Ffv1P2BbiXCTBp6y6TYnzFiTJQQdzdk5V7/gUFSpYVwnT692tUBqXz408VAAFi6MhL32XHk//7Gu5oTfzlx/a7iGRFyJGwR30kVcKPo3r4qkMafk8tg1qhE9FSteOi1toiNbhYo8PcS+DkYtGQqbokFauCQgj6qtAySCy1Ok6sNDZiwSMk04~3294788~4600898; Domain=.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 03:59:01 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647bd3c5_kf173_12434-43449
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=2&cfg=32a3f9ce&pv=2&aid=
0.0.0.0 191 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=2&cfg=32a3f9ce&pv=2&aid=
IP 0.0.0.0:0
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 071f4b07b21c1fe62fa28dcca5e5e8f0
b25f2cbe2a3afb857412bbc9119c8cd374db8205
513cd10625c5e8945ba95659565618e04b95175a0b496f706d2150804c61eedd
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0&_cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e&pid=ca7eac19-8477-48a1-b384-d968aa2fabc7&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34235
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=ae0eaa3e-e374-4dd8-a9d1-d585c3389d1e; _cls_s=6f2d6cac-e94f-4d8a-85b8-17c31d5dac99:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 162
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Sat, 03 Jun 2023 23:59:02 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!FS3EPnws/bOcs7kq/D2JHXmrrcNtC9GtqmtNQuuHYvIGA34m2iHpJLM8cNhpdihgg8YtPqv9Gx9iGw==; path=/; Httponly; Secure
DCID=6iDJ+rcSLzimuqr7qcHiXbQmFz%2fiQCsrYJTJqeDJDWPMFD3XYUClO1CZOso+wbsF; Domain=rubicon.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:14:02 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
95.101.10.136200 OK 550 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 550 kB (550428 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=DJV7jXqwTKhlN7f1I0FCozY9KFFUWcMwez67TiB4IRkZYGk%2fwkvFCQxRlqdl6DPw; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
44.241.253.39200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 44.241.253.39:443
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 Jun 2023 23:58:53 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 135
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
95.101.10.136200 OK 672 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 672 kB (672168 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=jewPHaQP+sqY3wt0UoV8xdI1MJRRMR9V36S3I7TJSjBnR0r6%2fhadyyLj65YA33Me; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
95.101.10.136200 OK 681 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 681 kB (680981 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--nf49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Sat, 03 Jun 2023 23:58:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=OewFKATBjR8nYb6Bv1e%2f0cMttjTexFWU6nsO67UA5jySLd8LY4ar9ohewzCtxP53; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Sun, 04 Jun 2023 00:13:51 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains