tracking-protection.cdn.mozilla.net/ads-track-digest256/1684337778
34.120.158.37 56 kB URL tracking-protection.cdn.mozilla.net/ads-track-digest256/1684337778
IP 34.120.158.37:0
Hash e82f812913b6a06c608d7bb688e184b4
ea5db373525ee7dfa0abaf0befb2dae54e62b699
46fb1d72ca8047216ad4c5349f791a385049e1025042a3fbca56a7bf94ff2e89
GET /ads-track-digest256/1684337778 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: mAV6JYql0Hj/v4dZcxitCheENADj9j6yfk3PYkQQDeSJPxnsyPrC2sZFnAHMlt3B9m/KnrJ38G0=
x-amz-request-id: 0RB8JNVW5A1G166G
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 56534
via: 1.1 google
date: Thu, 01 Jun 2023 15:37:08 GMT
age: 33557
last-modified: Wed, 17 May 2023 15:36:30 GMT
etag: "e82f812913b6a06c608d7bb688e184b4"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755
34.120.158.37 10 kB URL tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755
IP 34.120.158.37:0
Hash feffee93ee53bd6b02687bb9d9a11425
f9fab28225d6eb2ed2e72ce675d5d5b624383658
3b09c3bc75d40a2dc370d7a9e88433d74de203f31056900b995b497950f2d672
GET /analytics-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: qTXmqRGGh7kr1FVOwBOqMOraFSI1ymXRD8APvj5f0PRrV1DHG0XNX5YIl8nxIlKQc0A9NCssPSIuHKEeZIs/fw==
x-amz-request-id: NECEESR4B36MFTGP
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 10486
via: 1.1 google
date: Thu, 01 Jun 2023 15:36:45 GMT
age: 33580
last-modified: Fri, 12 May 2023 15:36:10 GMT
etag: "feffee93ee53bd6b02687bb9d9a11425"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755
34.120.158.37 15 kB URL tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755
IP 34.120.158.37:0
Hash adff9f8518019ddb5b72e09fa471bd56
2a5cf28dcda107605da2bb4f6e56a07e514a927f
900f414ea63bb7f4e5a33041d77112c309aa8dfebd93681895c596d948ed12bf
GET /content-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: BN0QpV2f4XJMCyRDt6Ltxv15+iqc4go7+Ci5riFPddAcFd0t0LtLk2RRweDoTjWvIFbXOBZ5UTw=
x-amz-request-id: HK17DRNEANCHNYH8
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 15350
via: 1.1 google
date: Thu, 01 Jun 2023 15:37:06 GMT
age: 33559
last-modified: Fri, 12 May 2023 15:36:06 GMT
etag: "adff9f8518019ddb5b72e09fa471bd56"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755
34.120.158.37 1.5 MB URL tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755
IP 34.120.158.37:0
Size 1.5 MB (1476920 bytes)
Hash 501d3f65be5457b0986a2f0b880e88f2
0df631bbe10a12e255c8d323fed084f51ffb842d
e3acbced9ab46ff7a41311445b2bd1f6f70f8716d35131670528417d2c9a6627
GET /google-trackwhite-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: VSzrHGMkCVNgkzJqQ38pWJdSy0EtAzjkXXunZzlmNpHhxIbfET1AJxRfMKU+mxnUFUlsm6dBUW56Et2k3Sukmw5V5ntMuF+w/aVcjmWSZ4c=
x-amz-request-id: 5CYYYK0BWVG65THV
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Thu, 01 Jun 2023 15:36:59 GMT
age: 33566
last-modified: Fri, 12 May 2023 15:36:17 GMT
etag: "501d3f65be5457b0986a2f0b880e88f2"
content-type: application/octet-stream
content-length: 1476920
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1684337778
34.120.158.37 346 kB URL tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1684337778
IP 34.120.158.37:0
Size 346 kB (345943 bytes)
Hash dc048d310df250632824a0ef784c0503
349ed5134df1bb49ba48bab8498c932655795279
a217142987da561fafd04a5f77dcab5860687e0089002eec43cd8bd619b9870a
GET /mozstd-trackwhite-digest256/1684337778 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: GMieJilB4Qa4fmD4jZeEeE+nOy+PfYVOBZ0F6ABU8ziK++kvvAalRLqTw31bHlOD01VEqHAavxA=
x-amz-request-id: 5SM911YNTJ59NG24
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 345943
via: 1.1 google
date: Thu, 01 Jun 2023 15:37:09 GMT
age: 33557
last-modified: Wed, 17 May 2023 15:36:35 GMT
etag: "dc048d310df250632824a0ef784c0503"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.dcocsp.cn/
47.246.44.230 471 B IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3d25d4accc054841904c210030f2765b
5586a01c7f26c3f1b55ffe41fe5ae219492a5334
733dd1e500076a819ae487f05161dd050d436d49a72c1d11e5c58760ef008bcf
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 02 Jun 2023 00:56:26 GMT
Ali-Swift-Global-Savetime: 1685667386
Via: cache21.l2de2[277,277,200-0,M], cache3.l2de2[279,0], cache8.se1[301,301,200-0,M], cache8.se1[303,0]
X-Cache: MISS TCP_REFRESH_MISS dirn:4:407567267
X-Swift-SaveTime: Fri, 02 Jun 2023 00:56:26 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9c16856673860251298e
www--wellsfargo--com--g449329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash 598764030c9845e800372b66c932723f
2a74fdfc1b2efa5699e7d2b186eb603e8165c42f
f447ddfb36b316c1a3094b275df279cc0d22afd39a1db3a671b21dfe98adaad6
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:26 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18839
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-a0a0deaf-7834-406a-925d-d3611dceade8' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18771 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae; Expires=Fri, 02 Jun 2023 00:56:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:56:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 00:56:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Fri, 02 Jun 2023 00:56:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:70; Expires=Fri, 02 Jun 2023 00:56:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230601175626932056529; domain=.wellsfargo.com; path=/; expires=30 May 2033 00:56:26 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; path=/; Httponly; Secure
DCID=K0gwFEOZRD%2f1z1ys%2f7zz9pm+2feoEoaYXpRy5ll0pY0%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:26 GMT;Httponly; Secure
_abck=C5E5F59ED340236E39116141174C02B8~-1~YAAQlNAXAkxPbHaIAQAAGRSbeQkSLtk9zYLcDH/aT12B5Sj6M77TYApOhxsahZF+fuj4qgAlG6pKxBIo+vvw9Ko4YrhUEikl4L3rEyuQPvT39a/Np3qr8q7P/GNO9t3PfoYLq/kALQyXbVu5SQ7Nb0pTdGT6ukLkoqfpUl/AuTGj6HVsWILcDDzW5CmW+BeA9sza8bA11xORLZJ7+OAJvxk2MyktR8VIaPgacnp3vzpsedPxF54/r3IHrSfuAV6NS/nqc8S6GfUeKtjbNggsoOddthOvIor+YNIG3vEydSHAHGS8EsOD2lE2fq1nlRbQooqkhN664N2FkEFPanceUuag1Jv7aK4wYdZ9WEPeuWwPpTnb+/jbkXacdxBciC29~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:26 GMT; Max-Age=31536000; Secure
bm_sz=6BD82AEC6EBE329AD33BB036795777E4~YAAQlNAXAk1PbHaIAQAAGRSbeRNC9x53hzupWchoc8jsyCCDeX4/pVo0394y53sanJV7eCuF6kg6unHHFojj1ewvB3HpUflOvd0o3ylcfTR6r9bDqrHfFjbmFdlim/fRyA3pZdJdde/94kmSDe9kbz9yilO4tYCJU9ERBTpQ3e/XRM2Jzz9thUv/REYbD8liQOfjMCpJs1JN0P05Ji2WNNlUBzj/PrFM+2kjc+v2MzHFfOAKwG3Lv6vUUt6Dk4l1SY5FrVUf8sUIoW9MrqKz0KjTaDGSt+SUlPP4EMJ0asrp1R3SJELy~4272449~4339766; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:26 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_12005-1348
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Fri, 02 Jun 2023 00:56:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=fIn1cdnfY0mopXsNOg+ulQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
95.101.10.152200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Fri, 02 Jun 2023 00:56:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=lwUc%2f7Fj20WuXocjpd9jew%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--g449329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:26 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Fri, 02 Jun 2023 00:39:34 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_11685-8055
www--wellsfargo--com--g449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:26 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Fri, 02 Jun 2023 00:39:34 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_11680-55841
www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 77 kB URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 3b2227177307401f0ad66f16a01dfd5e
098aee523bc90b9abd2658dc3cad2b8d984c148c
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:26 GMT
Content-Type: application/javascript
Content-Length: 76583
Connection: keep-alive
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=21Z9m2qxEMvh%2fGMOS6KgKw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=EE61640094A93B6FEABBF80AD4A6BEAA~-1~YAAQlNAXAk5PbHaIAQAAsRWbeQmZ2ZOF4m52L8uaYbefFQY7t0+mOjwYMCd2jXWQ9v/Sv5kH0MwEa/qXHwuH6PgeEgRbNKguXxBYvelxknMw2RdSONaDGEfkgpSqW+NZDNZXlU5g882lR5kO+lPU2YlgKRBpS0M5cMya2oPEiXT7wIWspsp0Dc1qi6BfxbjQvPC7U0Ox9fNya8dGHbIrjMLUvt67gdqkxMQNMInFkVT6a+J0aMefM+UQuUYdfNCqrZyqJVJxpUdjSMeZ3/yYFsHa4zGUYhKT9ruUGISAwig0jlX5x/3ZO57bnBXdmixJkZU9dzHcAS8fsvTU3aL3VQRHZkBt+ZPNMLnLPDSpZIXsc5vpFfoWrmP19GqTGk4P~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:26 GMT; Max-Age=31536000; Secure
bm_sz=13FEAD9F9FA45B1585005EC90DBF04C8~YAAQlNAXAk9PbHaIAQAAsRWbeRPx9fgtke2UWUWEqJB6XXSEbJtWyOGj+v1qUFELVfcU8qp/PP6teaiOi+AfRq91mgFy3vmxFzUhV6DYI/mLf9G2idoFgW5W/F+wMmfvzYLTdCiLcWbSSmqXpJ0jXiU7DOM0vkVN/RAPdEnOY9chdJ7sGJbUrZ53SpH71l7wYivJ5My8Nn+5wTOL3xCPERjXB5PwQL4IvNlB/g8V+qijdzARm4b/Bfo7PbepQ53EZudM9kgepZkt5syxlG1ITkzWJW7JTLV36hflXgfrrOrnd4CMQwnV~4272449~4339766; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:26 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_11820-24461
www--wellsfargo--com--g449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 1c6ed2e8e9161309e7b27e0cb09006e5
e565d1eb10d52651f5f43566f9b5b838dd09428d
db9045e96e017931c97975c705d0700b26599fb9210c52c508f2823993a7e3ac
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:26 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4283
Connection: keep-alive
Content-Encoding: gzip
Expires: Fri, 02 Jun 2023 00:56:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A44Vm3mIAQAA0e0WKRbmJJWcrN-hMR8HdPUbxWy82XEusPFq0YTI8dJuNttTAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|00a616573ac25c413a5b6306b0ea2eb00cc359e7; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=etO58jg2Er6EjbOcgfQYfjXfo5mg1PdvgKLzE8fp708U9onnQqOj8tQNTSoQ7tMh; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:26 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_12005-1372
www--wellsfargo--com--g449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:26 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Fri, 02 Jun 2023 00:39:35 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_11820-24460
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.88.16.188200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=1211566
expires: Fri, 16 Jun 2023 01:29:12 GMT
date: Fri, 02 Jun 2023 00:56:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.88.16.188200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=1211723
expires: Fri, 16 Jun 2023 01:31:49 GMT
date: Fri, 02 Jun 2023 00:56:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.88.16.188200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=1211586
expires: Fri, 16 Jun 2023 01:29:32 GMT
date: Fri, 02 Jun 2023 00:56:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.88.16.188200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=12851584
expires: Sat, 28 Oct 2023 18:49:30 GMT
date: Fri, 02 Jun 2023 00:56:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12994406
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.88.16.188200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12851598
expires: Sat, 28 Oct 2023 18:49:45 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12994406
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12918835
expires: Sun, 29 Oct 2023 13:30:22 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2359
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Fri, 02 Jun 2023 00:56:27 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=SVb9blzuPVK28wb6wp7uBQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=SVb9blzuPVK28wb6wp7uBQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=1FF90C363A842F05CE9007122F3339B9~-1~YAAQlNAXAlVPbHaIAQAATBebeQkaBR21R9h8Klc+eHg6oQz460xP7Ij36N0v7j6pKO+yW8m6YYQvy/6/NR91wx0slw29z1qCrHWmI5ieyaxOAS923cuo7pRnbKfSW1yCPVrXz+HD8KGs/f8KHA5j4+OcJCbbTQy0JbJxQRZ6H2PqNxh+Q34koAsvjD5Dr5gJBMEe2tMRrtMXV1Z/ba5uERGngBYB60xSlz2SbZA4grdS2rPWXg6NBv8t0i1r63am9HXQNc/HeNCtB05a14uSTi1sKLeWwbMlWJRTpzW6qKW/tTvA72Xuvx28OJ/IAY6wiVHKTw8kqE20GqfozFDlL6M3jTyDnY3Olh1tBqy+jRDTX8vDJ6LYvWpjRPS5/f6d~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:27 GMT; Max-Age=31536000; Secure
bm_sz=7BCD1FDA8FC1790A3C7C30DC99F61233~YAAQlNAXAlZPbHaIAQAATBebeRNKIT52NJhBbW61NC6g3oZ3GzAuxvSQ+LjNTXcztr8P9nU9byETF2+Qe8FOcR20grnf7ceajhLShC2K4QSeJbHR9BNZJugFh2c/kWEqbaYWoC8jb2bt1y4VWRxckvKTn/pc2CAF65P9VBxXex9movdbTSQb3giNycxlYdcGz7phCEwmXJyJvxZgQZKcehL8rQRdY801wWZddCy85IEYmKpVbYPcU8tEFEE60/d0vpu+0njehQF7B4fEuFyh1PpreBm/84QA+y/h/882y1z+4dvJMPnU~3360056~3551543; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:27 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3b_kf175_11680-55846
www--wellsfargo--com--g449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:27 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Fri, 02 Jun 2023 00:56:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=ymaG3a7UKdrwyZelUeUnOSkWTEOb%2fAqEccDP6uugd+o%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_11820-24465
c1.wfinterface.com/tracking/hp/utag.js
95.101.10.106200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Fri, 02 Jun 2023 00:56:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=sU4VuW8Oj7boVzpHTPl+pw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--g449329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.0 kB URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10601), with no line terminators
Hash 1ac4d8588d96d66e31c005b9059ac172
d3b5bc358872fc2ad2f1a35e1848a4123afcf4df
2d7eebb1054cf4ff8ca2492355b1ac8055df9268f611a97b05d7f4ccb46afd46
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:27 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2008
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-634c90b5-a6ac-4858-970a-7e8fca664c57' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:70; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742; Expires=Fri, 02 Jun 2023 00:56:57 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:56:57 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 00:56:57 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Fri, 02 Jun 2023 00:56:57 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:125; Expires=Fri, 02 Jun 2023 00:56:57 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306011756271970097840; domain=.wellsfargo.com; path=/; expires=30 May 2033 00:56:27 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=E73D346294EA37D07B9CB0CA512EE5C4; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=7K%2f23bdycuPspuhYIqTm4xdxqaZm2s3e7cqYPskUKXM%2fQhdAEq2C4EQDuYM7QhW0; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:27 GMT;Httponly; Secure
_abck=1A2C0931A5366B0F1AE38A42D3B6E562~-1~YAAQlNAXAldPbHaIAQAAKBibeQlxo0ykLRP5BOsliee7xtyapmGB43FL5aMnh2SWYZ0ft8grHW2ivtCRcR5qgrp0Ne3oQy7sYG8HkJw8WqR79W6srb2BRjzmUbZ5oivRr0wDTMP3R4J0Pd46CdSU+c/4PSZS0mC3l8Zu0xlRtkxGglsEShajUGDuDZHUWf8tOgmwe6VmW3yrwl3Q8BpfPXXJVpdW/PhOvJL1ev5/ws7B5qHshISZiX07NpRXAoZVx+1XGCfhrZhxSnvL7/yr2hj7eQX/lAxHs6+kyhfAyk+tUEVa+4N4gztwAenxCG9DWZgMegOFJ5EPmTBWW6vSMSBsdnYHSdr2N+dvwF4UMybmhvtf5legxaXVGwVQn4s8~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:27 GMT; Max-Age=31536000; Secure
bm_sz=1B1C9D2C086D1D9EB7DAF89B741AD6AF~YAAQlNAXAlhPbHaIAQAAKBibeRNOzICUbvtc/f6jfibJJ3uc1PFIXxMZdO9CJppxEgCZK58JSRXDKho3Gce5AHVtGJ9iXV0FUhiCkmmYWjLFe9eiVh5PujVHPGSUhvPqf/IdMFrht+Eq0EEShDM6G5b1Cp3ztROidL6gQu/sKQQgZusDDgRyh7duA/qzd3oOX77MB76DUa5Uy297H9YbzxHbhw/iQh4X9FisZEOrD3Mo+GDrJRvcWxbuO/FHGKC7BhcP2cZa8/odGv0uUw9ekYyxClOxu3Of6JarORiBVLIRvm5aKEfd~4272449~4339766; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:26 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_11685-8056
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.88.16.188200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=1211672
expires: Fri, 16 Jun 2023 01:30:59 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.88.16.188200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=45416
expires: Fri, 02 Jun 2023 13:33:23 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
104.88.16.188200 OK 1.6 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash f4ea54d2de3587734104a7fe6ac34593
abb69048123b667ad90dcba04da4f08a4a4aeeb7
e802f40411f32bc8331100de87c647c70071bbd2e29a44befcd52e48c6020205
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_o_enjoy300_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63f63d12-aabe"
last-modified: Thu, 20 Apr 2023 01:43:32 GMT
server: Akamai Image Manager
x-serial: 1743
x-check-cacheable: YES
content-length: 1646
content-type: image/avif
cache-control: private, no-transform, max-age=1212500
expires: Fri, 16 Jun 2023 01:44:47 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
104.88.16.188200 OK 25 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash bf978a151ba3f10a7412e8cd5fbdb863
2af8e9c16c4f1e96ba1e86beee63521c802c2cce
ac555d446e447b4c8cf2bf2dd377d53c3b21faf83da3259dc8839c782eba1d9e
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6350580a-d82f"
last-modified: Thu, 20 Apr 2023 01:30:23 GMT
server: Akamai Image Manager
content-length: 24880
content-type: image/avif
cache-control: private, no-transform, max-age=1059227
expires: Wed, 14 Jun 2023 07:10:14 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
104.88.16.188200 OK 27 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 45a212ca9acc61f0bb2570fad9b1ef6d
0766da6abe3d736412ceba81a699a55110feb6b5
99dade4264e8d662c215bf128f8911bf7e53123d661d9783c0a4260970fd51fb
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_482407060_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505838-e489"
last-modified: Thu, 20 Apr 2023 01:30:25 GMT
server: Akamai Image Manager
content-length: 26587
content-type: image/avif
cache-control: private, no-transform, max-age=1211599
expires: Fri, 16 Jun 2023 01:29:46 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
104.88.16.188200 OK 562 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2bcde1c3190b4af34b91259d18dcc641
3e6b6735a8876b4a326648142fab032a8bc57999
de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4d-769"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=1211612
expires: Fri, 16 Jun 2023 01:29:59 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
104.88.16.188200 OK 24 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87b3f9d652a18e74ea8ef53a99b251d6
8773c9b3a11fb9247039d731888724ccfb74bb5d
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c49-e902"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 23508
content-type: image/avif
cache-control: private, no-transform, max-age=1211550
expires: Fri, 16 Jun 2023 01:28:57 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=1211495
expires: Fri, 16 Jun 2023 01:28:02 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.88.16.188200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=1169991
expires: Thu, 15 Jun 2023 13:56:18 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
104.88.16.188200 OK 2.0 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 54e10b9c13d7d34c19657767d4bab80c
e34a8ab8569f015fcc331eb9eea548cffb7466fd
3059d71b7591fed5674007cbfe04627a88397d42cc58f9a107becb0c269d825b
GET /assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6453c985-8adb"
last-modified: Wed, 17 May 2023 14:04:04 GMT
server: Akamai Image Manager
content-length: 1950
content-type: image/avif
cache-control: private, no-transform, max-age=1256956
expires: Fri, 16 Jun 2023 14:05:43 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2835
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Fri, 02 Jun 2023 00:56:27 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=t4Q6JNjD1ids7OjVjHV74w%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=t4Q6JNjD1ids7OjVjHV74w%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=B442BF7D5FBBD9CD40D91881BC3449AF~-1~YAAQlNAXAltPbHaIAQAA0BmbeQn5IKxc89zjl0Pi3DqVAqzHpgJ+YjdelY5ewv0HcCHQRq53N1O1/SlQ/i8R+lcoyOJ55XXMTbeKktumjxoI8j2QaJjzaJy8u7cqan9/dhg3ipaZWFK2xGD2ZJfbILu0zx5ETlMzhkw5DcCHF8MjeKW9deLjlCOJQm32uKfRn7JJk2yedSJRHNoCkSbqAJRCObHmf/gZbDqm/staWizHs8FNJH/y7PkFtFdCsk+tIgdg0DzTE4cTHDX0/8HNXOPfF9y0kEu+a+9FruG+BrPatUpTrJwV+6xyVokiQIACG46h56bl4k3GZNR2vfVqpY1qGgndPyHlsz5c+a2GzSlTwdw1TpD/LUJEEnZTZWbF~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:27 GMT; Max-Age=31536000; Secure
bm_sz=4C87DC886170C279576E029FE1161E55~YAAQlNAXAlxPbHaIAQAA0BmbeROzWdigs9gtSz4ZDbiDcp3QfarR/Ah5rtt+Rgkm9rbSM70t5fHMIEwKE41yyTlgpXt06qkFduNFQ4X9Kx0LV2LHpOJ1OCxLWOXwtQzeL0Cmc+joN1Q74b0TJcuyzqRbqKTQ37U9+FSowGOTvXWQ3oa4epUl6Hp/6Pj1B/S4LG5wXFWP9Z6i2NBK/b1TyfwtPNIy2JXpJOu7/AGwvwzxMvO2mubUzYKMjFeYGvvjaNWkDrZAhCvbhXrIaFJ02CqjWMkCjNEKmXe4R+xcBHm28G7BC6dW~3360056~3551543; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:27 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3b_kf175_11820-24481
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.88.16.188200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=1211719
expires: Fri, 16 Jun 2023 01:31:46 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.88.16.188200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=1211742
expires: Fri, 16 Jun 2023 01:32:09 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.88.16.188200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=1211864
expires: Fri, 16 Jun 2023 01:34:11 GMT
date: Fri, 02 Jun 2023 00:56:27 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--g449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEDfgnmIAQAAKEyXldHjYQuNKyXu2toehM-eRINAGZQ18MLmkTGrGrU1TW2O&X-G2Q3kxs3--z=q
163.171.132.220200 OK 151 kB URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEDfgnmIAQAAKEyXldHjYQuNKyXu2toehM-eRINAGZQ18MLmkTGrGrU1TW2O&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150606 bytes)
Hash 2c17eb47d1c407de9a611d0db7103e3c
443716089971a241b4c62de809a2735cce6b2d68
7e83146d959f122ca370293d6a125187a665f90cccabca0735c4a65fec5b0b9b
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AEDfgnmIAQAAKEyXldHjYQuNKyXu2toehM-eRINAGZQ18MLmkTGrGrU1TW2O&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:abb5ac43-042a-44f9-aa7c-80229780d2ae|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:70; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:28 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Fri, 02 Jun 2023 00:56:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A7IWm3mIAQAAkXJidPi8vksFv7AH--QiHP6GrS4dahWQGbeAYU1UhwYx6I1kAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|f38018e2981cb9072790436c903bac2a5fb7e0e5; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=jwqNRAb7qpBWRVrOcR33HsCfC0IKUO8DK1qBl0xAbII%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3a_kf175_11820-24466
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.88.16.188200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=1211596
expires: Fri, 16 Jun 2023 01:29:44 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.88.16.188200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=1106537
expires: Wed, 14 Jun 2023 20:18:45 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.88.16.188200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1211504
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1211590
expires: Fri, 16 Jun 2023 01:29:38 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.88.16.188200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=1211652
expires: Fri, 16 Jun 2023 01:30:40 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.88.16.188200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=1211915
expires: Fri, 16 Jun 2023 01:35:03 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.88.16.188200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=1211480
expires: Fri, 16 Jun 2023 01:27:48 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.88.16.188200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=1211498
expires: Fri, 16 Jun 2023 01:28:06 GMT
date: Fri, 02 Jun 2023 00:56:28 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2295
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:1$_ss:1$_st:1685669187395$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Fri, 02 Jun 2023 00:56:28 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=o23oI6mHufWDNErIP7UARg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=o23oI6mHufWDNErIP7UARg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=84C9FD65B4F9F811571F05E3C2A44615~-1~YAAQlNAXAmNPbHaIAQAAUhybeQn3dyXR5tPt/WCNr5dZ6eK58OLluPvY/FO/1tiuaMRnqQVMh+r3385Ry7mKWqJW4MVcQYU2A1cQAZYsL0/D4Wifp+trpShA2uuudsmb4ULPGYzk4SzFNIecHQvNUbTI1oM1pYvFIyb0JH7EKXJLNjQrxah/sCk4UYXdHkng18fS/50baaDGEVxr+tZp38KqWp+YykQQk2dvKxRnNGyMtoH4W9nZHL1fSajRVVNtX+dj5zyP76NwXcGu6b/apOsIZ3wz/lOo0329x4mPtUBNiEy++Cp9St5mhBfzDaQokkexlnp65+cdRcX/SWoYnnj53hfjL/qysNz8QRrzS52mi1VUo6uyKU45sv0rleUa~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:28 GMT; Max-Age=31536000; Secure
bm_sz=483516B385E52E47C09E5662E0702072~YAAQlNAXAmRPbHaIAQAAUhybeROlm41UP8ts0xz+yZGbQ1D1WBMksEiIU3BcPWSuJtsJUo6UlW38T3MJFHDeX/4Ecf2YdqQaQu4N28/yLipdlbVlyXX7xq1itPDqSo3H8badLfJ6SqF+FLFouvl/583+paHwaB8E6uUJxImCj7kEjxSGBywvyp2UgBSGXxJH5LMv101KYu60ADf08LM3eVac1vddpmw7Mp2mSJKaG94dsjgiCKh0r4j2VNTpLhnJ1NWQksp0szpKBsm2oPmR2JIwJqf8kNcTZxa72bsnZkdSct+3TRKT~3622214~4473666; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:28 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3c_kf175_11820-24489
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
95.101.10.136200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Fri, 02 Jun 2023 00:56:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=TslciBEknpLTH1PirFfDKf0Uuqf8Pv+0fqyuzSljPeLY9v3kXO3Spv1PLAIkWrzt; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/gb/detector-dom.min.js
95.101.10.106200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Fri, 02 Jun 2023 00:56:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=invMiChxFwCeuLAJqISChA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 00:56:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=XAimtOsOjK7x5EsUYKF2Ww%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
95.101.10.152200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Fri, 02 Jun 2023 00:56:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=XzxZAqubLb3Z5EE91mxKOg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash a38399c2d7381415aaefab072ba759d2
a7cbebecc1c94f556ec000999d0356bf2af91e10
be64fbaa1bbcf79077564e3f2bf4911232d3ae445ee03f1055c8fcd5582425c7
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------172435247620998535383380623292
Content-Length: 171
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:1$_ss:1$_st:1685669187395$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:28 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Sn3coh3yOycx5bz5CoX%2fi6zuU6dbGqjC%2f2k+KnDOx9eQp5hVTy6KJVhg4zdRaFnq; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:28 GMT;Httponly; Secure
_abck=057B6D2800464A9C376A37F0EC97CD30~-1~YAAQjtAXAm0kd22IAQAAlh2beQmvFTS57rperjspADrJzOjrzxhT7RwE38Is/5tBImRvmow7LMnwZKDYDOSwGJwPZSibboXhVvybxU4/QlPqwM1YFqm/oa5moxCNEXtehxIHUVTDunrFcspYkn1XGQXtePQA3fwqyqrIu/iQvxcUuM0leQuHisT/wMgH2H+e5kGeZX3zckXsowOIRvV94kkykEKcsAKMtCYp+u8MzoSdfzHh4i0sOy9aBAmVtAIE+Vu+UiWeO2qFbrcPMuRkX9ON01xQIIMqtAjTpKy1XilIlsjA8ofDNeh7KQ+ZyWOmYHrTDYfat7jejNIB7UMunvCYLpWFKmHHXBbi4PQ+FH+sOxEb/qGVNVEix/G0njL1~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:28 GMT; Max-Age=31536000; Secure
bm_sz=8EDA0669A8F152684C701874BDCC2649~YAAQjtAXAm4kd22IAQAAlh2beRP4v9CDZXwRzrI5E/nALM9xbNeWI5UD41bSFCIMov7pFN1k8lNbnismxtxCcTb3yU4HGEQqwd2hAuyOFhdOIjhGZdWNX069C4K2WGPL29PxkSomR5HK1fIEWxnoPYQ/+MghXsSq+w8Ggnk1ydrmYx2uxfL3QWaxd0OAuAT8SlEuJdWOyZlFONUKbmQYfdLAX9plSgM3QGVEHf+uWfCeJcPhORm47JFI+vzIy8eT7mKlqB+FsBym8euoxKL0sE03cTCB7GoVXGl8BUsok7I2SsYTmfZm~3622214~4473666; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:28 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3c_kf175_11820-24490
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
95.101.10.194200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 00:56:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=7S0oReNgq%2f2C6pM%2fvVKfyg%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
95.101.10.194200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 00:56:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=DCH4uqo%2foQVFmdGMaYVYHw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
95.101.10.136200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Fri, 02 Jun 2023 00:56:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=AHmQ1uAyrDtnnl6kczagSJEA++fLEJv+74bqFvrcbYr%2fAs7fnKS%2fCi04Leha6juo; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
95.101.10.136200 OK 150 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150453 bytes)
Hash 8c49aada7444fa1b353784d77f50d08f
8ae52b38806a7b35e5651f2550e91870741a974d
9b31ab6c67ded96e11c4f221af96600630a763a420075719485008730662df3a
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 150453
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A6wcm3mIAQAAdHHH4Weu48uAPOlzxJGvsCO1P-e9tL2dC4Gyid3u_ikxCcRAAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|5c634aa25d6e85665d9f89a3261f3d9b25d59589; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=0jUtVQrMKZoildnJDq1BB1uf5XPWCYDCgGm0AVbV2TBf3QCN2h9JzubflUaY5vaj; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=sFk+tOuenBhKjdWGwQb1Qw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a%3A0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pv=2&f_cls_s=true
95.101.10.104200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a%3A0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pv=2&f_cls_s=true
IP 95.101.10.104:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash e949aad1df6da885ff5f025848250b3b
20ed8981680c234574e4d6c6ffb561c34e5d355e
c0292545cdda71e0afc494475e657886cc610ca3db552d8cd6f5d32f7f1990b6
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a%3A0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1142
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; Secure; SameSite=None;HttpOnly;Secure
_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!9nK9UitjFV1Qd+wq/D2JHXmrrcNtC2XOWOzuj7WpEDCDMWB3U98KxBazuIYs4+7/Bifh7/w9pl493A==; path=/; Httponly; Secure
DCID=ben90RuGHs%2fuZNe20xGI+jm1t+JD2fWJ1H9NZKMSE9VhyzP7hyfqv5+W3sTOdFyU; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388548&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388548&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388548&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=s+Doec70Nz%2fH9hLMpjlooQtO+Ud5AcCw3%2fXkPJl%2fulznjM2VU%2f3aXpwdTMMngxvZ; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3c_kf175_11820-24498
www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/jsLog
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/jsLog
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-29319048-05e5-4c24-af84-38cf444faeab' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:125; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:efb98f3a-6f3a-4f0a-82a6-74b60e56b098; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:efb98f3a-6f3a-4f0a-82a6-74b60e56b098|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=9980C4FBC915B7149C347E73C5069842; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306011756291978260402; domain=.wellsfargo.com; path=/; expires=30 May 2033 00:56:29 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:4; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:4|d:1; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ISD_WCM_COOKIE=!RbO7wZISGnd2iU8Gl7IZxfIs0wroUQEnYTCorSwUgQjDJu41K+BWGpwSzXEhydK3DcbFRVSnhPoTzRI=; path=/; Httponly; Secure
DCID=ZJL6x7LHFsOBKnoOJONfyMd04YnNGnClPwpRyfZsTFg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
_abck=124B69EF545881D5D10FCDE9912F48BD~-1~YAAQjtAXAn8kd22IAQAABx+beQk9wOCvcJ+tD1x4Oh+Kqr7U3ltS/9OXs+lwnCORFZ/0GPCHhaG4um5hVUvjwCVtzjqerZe7VqgO5TfkMCGjHHnYoaZzKrC/pnb8Vv4iYYS6huBaHi92Tmv8/m7VHzgKPNM8OQaYnseTITbK0QZf4FazObIBNJ1OCA0emUpaJFVy7IwAY0yIRzxjE2ZrIFchgyIK52EIF/JAytNM6j69KOFjeVhoLvw6D447/r/4B2pTouF1SUtFZr1RxwidO+uSW+i0d/8+1TiD34Pjiuf5L/TfftKDPc4s2RixDmKfqYtvyebCWNCUiBvqYtiXym/0Cea2VmN2vOzmLLHvBmUTl38uf5tFw9P3ilivRWM9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Max-Age=31536000; Secure
bm_sz=3B54F5D0D04C2AA24285DB9646D78C46~YAAQjtAXAoAkd22IAQAABx+beRPbVFIG1uhDdBH+4xy7RJSe0sNxNHFbv027mBxBDIQKQ8zXiDAs9jGENOy6rnsaJudV2rzi6XXi+bHMWIAScPSJ12nnKP89RpgXX9BO4eIa1JbgowJgzFDSWJlZLxzDWD8CwmGSSR6pKCr7oNydOx5IkHNpFT6msA3ZmwSMoA7cpMRrNbBdq5P2YV+CLbwozKMqLxuzK3QH+kLSBZa/OdPuxiibeC63uF2p8zOcBHsCz2RyhH7T8nGptaFah/KLwa/S2HOr6YSz1vilEQaMoE45sWdn~3555896~3621432; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3c_kf175_11820-24499
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=gP5%2fc0albWWQQTyPiZifzA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 967 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash fd4188c6a9a586b7a456749b76fc8ca1
ce2783e2f7e6ad1d4ba963dbedaaa3f2a8d94623
f81d2c1e54d8fcc7745f683cc6f91453e71734fb69de07d6ecb16848757b3f78
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-759b00ba-8600-4f1d-bf48-e00a1ed9b604' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:125; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:0229ffc4-ed7e-40a8-9f71-92a515899a6f; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:0229ffc4-ed7e-40a8-9f71-92a515899a6f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:17; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=1F3EDD81D726AF6401CCF61FBECBC9B0; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306011756291286622237; domain=.wellsfargo.com; path=/; expires=30 May 2033 00:56:29 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!m5VJj6G4tDyRnCUGl7IZxfIs0wroUfq5Nz4lzDbN+IZAZaHglFPDMQrd9JLa327k0DyTaDaYehyOGIA=; path=/; Httponly; Secure
DCID=%2fcYRWisVE1H5zS9er1bIW%2fI1aE0N8YK4JMjQRHHGGWQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
_abck=F817B7AF1B7D4E7AD74E50DA6249470A~-1~YAAQlNAXAmhPbHaIAQAAHR+beQlF2P67Wbi1P0I0d1C7kpgT77a3MKT27vk5J1w0IwstGYkmuGtkq2NC42fDx1EvUq7/U5aoq91Vh3XKabJhXruB92UesSbEV4/qrFxg3/NGdEpZ4ovtvs/jj5pz92fdROuepR85SuI8El5xDNyPdujJ4J3+PYXRs1ZDlxkDg93psulxlwwunAHAio5peJ1kqR4lpOgG9rRAfh5Yb2ezqsloifxKWkLimKJqCSB2FjvlorgYVFMYmLlW8kVOr8ADxg8YTjcN6zihpPvr/8rIOsN4JgArFw00aGGnCFHVo6n+wpPILGLLT0DbOn78oX7BnCrfzYGFk4CwdYK3pUqVbOgV09pta/RLHN+t3pJp~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Max-Age=31536000; Secure
bm_sz=3D5EB074EDE82165E882D5BA3988A16F~YAAQlNAXAmlPbHaIAQAAHR+beRPyUx+FJIUG50G1BX4R+Sh3N/Wrs7dWkL57euE9FzOqVXhrcpvlk7d6ZhYXOUx3N5Y+cDoP0Rl4fPCSq9BDDU2uOA8mamnv3A8Evsbg+wyAUeFXmZggUjn5pYNhYJ3/dKUrXxll3v4+/b50HaqOBEqplKlYRj9KVFXjuTI7E7njJ4JM/GcabI04rfWjx5rFgQ2aGQ+Jd8qx6zlv556MAlf5QTaKKtgP4Zp82O44zcUIxeHGZ/9IdUcr9AlVEtNP0v7NzV3pZV3NvDkqT2HJAkglAgUZ~3555896~3621432; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_12005-1409
www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2439), with no line terminators
Hash d98f0c86ba33446e123b1718db70f51b
3723b11a176a58f78c9fd9cc466053c342ad4840
e9d594fd65c01c6e192931577b2b4ab0ee00c5c05045f1d3a0d454695e360307
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 264
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-a39e3f94-c1d9-4362-95bc-3ac656b5f6c7' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:125; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:cfaa494b-3327-42fe-a280-86bc158c7643; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:cfaa494b-3327-42fe-a280-86bc158c7643|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=EA443376BE5EE3FEF51C62FF2C312684; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306011756292139140775; domain=.wellsfargo.com; path=/; expires=30 May 2033 00:56:29 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!NMrnHeebEKvCw/oMntjHYqEj2JIOPHHQsOhIiHo5J/pLOlw2TxfkTDJUzKHW5PIaGLGK4h7ZvwAThzo=; path=/; Httponly; Secure
DCID=qsHwxEYR8RngCGqJkPywBU2g3nnx1AU3Z9rjKj5LNHAEmm%2fmEIIO3pAMqJIVhY4P; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
_abck=627DDDD4593DE81AC54C359A88A6C0A0~-1~YAAQjtAXAoMkd22IAQAAIR+beQnVoC/lRgNFCFsnwavPZlUHzXoCguoQ5IMQANbMhT0XkJXQBHltBCiBbC2JOznFEeCqbl+2cGd7ewtdj1JarjuaSzbYarfi2orZW3hVWXXa65+hKfHRdYv+e1+qZGgoD9OBtpd27Mfdvz1cMDEqVFfnOjgHkV6OQM9k9UFvVnmAwCGWyBWFlRZitM0GiBFHoOlcFer/jlTrzFRIB2zTednJAI8TYKrHqTXM9z2e9AyCiA3umAO8GAUBaQLZON/1SuebuGzUK/+uj9nAlhZGWLPrTAQK+ejF4Lm5mm/4qejOeuSE3Wca0vWUdMur+Nkn+gT9Nv4Q/4h+f/vzZsgzR3kBRCIUAzzQPQ3O6Z2S~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Max-Age=31536000; Secure
bm_sz=FCC5999619BA1C5A88971A264F144024~YAAQjtAXAoQkd22IAQAAIR+beRNbCb7osWjdGtqcMJUtuFD1M/q2AU+7MJR+FrAH38MkrcRqMxCdBdMJFkT2zWpz69UqLVGkHjf+fkuo2oeuUoa6lO+iOr+gHkxblD23WSt0IakLx78TE4jTsn9dpXAl0fn7qL70hDeT8V1mwfk6u0Tr5XSTvzdO2/BUFLxzdGg2oDTwZjrVCXUm2rGntIRw+OXEujFI+myj6MjjQuDR6K4cxjJ/OHaB0S07fK6xTct5bzjRlNnFhE5E9Knu1cHdGxTK5hgNnyt6ztM4x8xY3gjEUfX7~3555896~3621432; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11680-55867
www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 973 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash 013aa894ddb700ad807798365412515a
f8695d4e0fab0f6eea49e93453d92ad194f853d7
9f6f652076d31b20c30447ee4f56d4241a11a6eee2638daa70ac59fa49c44a01
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 973
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-1f5c6746-2902-4aea-8624-8a48bafc039e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:125; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:29f7dfc8-ce01-4844-9c29-e15a408c294a; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:29f7dfc8-ce01-4844-9c29-e15a408c294a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:51; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=5241FA180C117D795BF104401C118D85; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306011756291273000665; domain=.wellsfargo.com; path=/; expires=30 May 2033 00:56:29 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!ivQ9xhKNtEtT1uoMntjHYqEj2JIOPFKm1wCKyJ9qrsDbdZl0vnkR2ZVx9sny2VZ/LcbuycM6K7L+vw0=; path=/; Httponly; Secure
DCID=PKiWudgzjd2IgaoJvcriG1AXVzaogRqrTMWRnjOfWMhvVdCFu0fHGTglwTdExRAq; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
_abck=A86D8E997A14716A7D216BFF5343EBC4~-1~YAAQlNAXAmpPbHaIAQAAIh+beQnAPutbezJ491M8mes4bYWf/2MtDvY5tbF74ONBYubN64WmcTt36BIPslvzfVyJjMSytsdZpnRvHy78VXaY7LDQzTCH9v6wCxPdSM96CyCzjTj/qU8PEOcWbO+TuBiDTN9iyaHDA3UhQ8BFZY2bV2LgZLVZnqyYM5cfntkGNYkN7qU3ri/5sLynI7ZcOlZtRkuoOVfQqhcBDV4t+DbHGGf2/7wlmTqyBLeBFWV4XmTUwv6bSzl7dZbkKZUdKNZ1TZV6VxGYo110SM01KSH/DCboRndMhdtw1d2jguoFnRe2qCjcfgf3h/fSQqUxi+SPfIn9UdFCf0NscvvQjLxdJsL5ZJtqUuWtBaKc9xvN~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Max-Age=31536000; Secure
bm_sz=4B869EC9F8A550F2930D57DE89875D7D~YAAQlNAXAmtPbHaIAQAAIh+beRMKMVlCBOdgWTjt6nL0AMUEnp7Jp7qZZiEJJjkRuIXCR8sbliw83B7z0eClt0+Y0FP3hO3jzEt202UPjNl/zrrT+5UldlJJ9DPGs5FEjziNwkCXwwrhXacwNr+8iur44JQt2erB46eRtmtgxAMDFWPQCAfj1iE/nxCEaK3DfjXMZOMxQiudX6spaDdaCt8RvzwEH0snun8M0W7fY8HzSZVtmZ/sak03FPqQCFNOJ2IJ9kjE7H3X4lMk8XBpEuYk0z+6mPGYZmJXVH5TgK7ygQo3d+G2~3555896~3621432; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11685-8079
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
95.101.10.106200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=moqpqOlCGW20X8MIQUzU8Q%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
95.101.10.152200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 95.101.10.152:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=B1yAMvINWOIEhnG8fjc8Mg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 967 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2436), with no line terminators
Hash 06fbc709598005391800d0a057524264
35fb86b964cfa86d82c3422b7ab6f949fc706a17
c0ace09225d79a95106817d975d5286a11e9a9cfb80a87ea7dc1ff61d81bdc92
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-d17f4f74-735e-40b9-a573-7c67f99b82b8' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:125; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1d3538d4-4a7b-4257-a9bb-d7ee7a3794c6; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:1d3538d4-4a7b-4257-a9bb-d7ee7a3794c6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:19; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=9CBB55644A32C02D38EA12C0CF19ED8B; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306011756291952259711; domain=.wellsfargo.com; path=/; expires=30 May 2033 00:56:29 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!Wz30DVfMlUlAnvUGl7IZxfIs0wroUXoaFnashh3IojSZndayYgeX/LaqnHsUU50i7SiEbumGdHtX8U0=; path=/; Httponly; Secure
DCID=uXUS+0LmNEpE%2fixq2hXbHi6oKYFW%2fFenUNA9cBoJTFE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
_abck=0CA3FE6831FCCA2019BD1515BB4503E4~-1~YAAQjtAXAowkd22IAQAAhx+beQkl0hvKMnGp0KzLHUBXuxTwQHintUpJrcKyvmtWL94Q/1TGYb1zDY2/1YIfcwePDKDz7ZuFNdX0qNClwDrVtrmNZc/e/sQrph9nr1aALozCqYINTMVotKtc/szrSH13OGxP+ezO/JOuG40Rr/ch9ioJIUjFxzTpyTLiYGZUvSK79rcdOAQNECAqe5WS7vs8y4G6ThbMLo9kZ8Bs4h1snEhRV4sxjXreZWk71qRLkOU5xLAyOCitFyJ4jM1AXssS1plwNOstkW1TTDpFuN3iupclB20s3JgvoUcSNZG2TyWFwE3WQLaYMhgvDHQaUtXzw3b2lMjTR/Z3nDw9pPLRxbeAVBfJODV0Fod+/62g~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Max-Age=31536000; Secure
bm_sz=6DA686CC6935AE15B69934626ECBF326~YAAQjtAXAo0kd22IAQAAhx+beRO9TopI/4VWVVc7yy08HUD0Wfj4vF0FrIREUi9BQ20CvUnBcGO49VpNOht8eDRd7m1Q9TQ11MOWj5koD74ExyQydh66uX1rwXojmiuOvbGrfSpReOStt0QXn46/oENFLVLuGyFOEDqcpsH3tquS9z2H76e0JGxU8rISe8wU/L50yRTfydxY5nbfmDYfGFS0Gh7vqalDddstFzWiyP4mM/7yN5CJ6Fby4LOT88kvrSL8zg0J6zwdLSWrMb5qdsG5sGv1OsQYw8IMa6+zsRexqH7vHgTy~3555896~3621432; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11727-37668
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388599&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388599&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388599&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=7UosPZLU8YbNHVfgwjRT9Gwev+GNEzoqQQEtxivp+10%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11820-24503
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388605&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388605&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388605&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=BkfGKxLbLDpP6EUTM%2fKceoiN1fx5jrRUDRUGNUSSv0VpbQe3GNC6JwxAV94D%2fb6s; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_12005-1413
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388611&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388611&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388611&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=0+x2+6HEdZDZgEKSzzIioJCd9WANa1oqD3BnRHYYMbGlJKWnwf7QbKsG%2f9ZGKwth; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11680-55869
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388616&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388616&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388616&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_chk_digitalcashbonusrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251670-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Mpl9uz9Rojt4ZEjE6cxQ1CR+5Yn4iTYX8n88c7d0UTT5nZ%2f%2figahPaQazJrXnF7U; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11685-8087
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388619&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388619&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388619&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=YH6nUHahGvfORG%2fzX9gkkjM%2f35VuhwCwxmlJ8GqHHiw%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11727-37673
c1.wfinterface.com/tracking/ga/ga.js
95.101.10.106200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ms3i%2fT7v5JTloxCf4jgx1w%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.9550013922430205
95.101.10.194200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.9550013922430205
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5e5cbaa8a4e69c06dd507a1979246b33
23d12368c9e81b081d2e0356228397108d521358
382b57b066203b9b294a6900216587c7f4e7a91ca215e00c51c9bb25e8d56dec
GET /PIDO/pic.js?r=0.9550013922430205 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52538
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=aa%2fEl2z4a4yBZZgkiBLu3QLrrC5RUVBElIZCvQilN08Pu6mWEvmz1CLDFaGq0dL0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388589&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388589&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388589&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=133dhmllKGoipcKyK+a7n2zW8dktUw4W7V54BVnG0eKrvZSoBuGgW4rCYimti3QY; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11820-24502
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
95.101.10.106200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=5tV4NLn5GE1Np72dAKSEgw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388623&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388623&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388623&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_findcreditcardrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228930-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ROOgEM%2fOfQU1J3Sdh9K9QWz83CQr00GGtNkL7Q%2fZTp4%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11820-24507
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388626&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388626&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388626&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=UfKudiVSmFFUQ5Gpq7yN2Cm8IHEki%2fsQN1LPq7rLiHFZYkA7eTWgeDdAmogmnVV+; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_12005-1417
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388630&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388630&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388630&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Yb50OFxy7qrz+B1HKwzJdFUpXylKVDmdQN6DF2UdzHNT3wWImeUlXqDKmNAWBcxf; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11680-55877
c1.wfinterface.com/tracking/ga/ec.js
95.101.10.106200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 95.101.10.106:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=PnvEn6e0MebNWyeiLCw8Uw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/glu.js
95.101.10.136200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash de837a36e16f0637c315f53879473ad5
edb434f283c5ca54f255e07ec058370325db26c8
949fce6d60f4e9040aedf847a80d9b94fbe6a5200914967743a48ba6d9e2b33a
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37163
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=ybqQrzvaFl6DeB1L5XUfUkRUY3nHZI2RKdxjHE9KMG4iUWL2%2fY55O9zWGPBpuHxC; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388636&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388636&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388636&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=bUMpqcvZ6Tj7RygR8VDf7JbJjdABUmwguzg6NxJAmgoqoU%2f1EaL%2faWqR2z3jQXzt; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11727-37675
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388634&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388634&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388634&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=UPx95lF+%2f%2fbHZ50LCpmL7+%2fjfMxg9LpiQKjOKSSGrkE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11685-8090
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=1&cfg&pv=2&aid=
95.101.10.104200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=1&cfg&pv=2&aid=
IP 95.101.10.104:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash e949aad1df6da885ff5f025848250b3b
20ed8981680c234574e4d6c6ffb561c34e5d355e
c0292545cdda71e0afc494475e657886cc610ca3db552d8cd6f5d32f7f1990b6
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4203
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1142
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!wBfinNlZjPa7h8R54TfMmyz5FQ342aUjmjjQgV3IPR3weaqViCSXW5w9F9N5mkrJ1XP2VszWfRygXKI=; path=/; Httponly; Secure
DCID=vkf5EBPizFyhDEdYZ5Q%2fTxtfxbX6Bi%2f9lWs5hGm18WA%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
95.101.10.136200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=OCrA9mKHQozkRMVE3endtW5eKNt6ziW890wecbF4KYDKRAaahTaXkOecVWxMvCH7; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388638&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388638&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F&cb=1685667388638&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; ADRUM_BTa=R:27|g:f47c4d3d-1bed-470e-91ab-a079573b6742|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:125; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 00:56:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=0A+3BayplebrmXJd0slaUeOOhGs66fiOYn2wOxvfbts%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3d_kf175_11820-24512
ort.wellsfargo.com/securereporting/reporting/v1/csp
95.101.10.185 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 95.101.10.185:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: f870e9ea-fc09-4eae-46cf-c6aaf0a27503
X-Xss-Protection: 1; mode=block
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:bab15ce2-d482-497c-a600-093a7a9116ad; Max-Age=30; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:bab15ce2-d482-497c-a600-093a7a9116ad|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6; Max-Age=30; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6|d:6; Max-Age=30; Expires=Fri, 02 Jun 2023 00:56:59 GMT; Path=/; Secure
DCID=llO8bZpLF9qfnyv2uzSvD8CJINJsXfsOanNAvgcd7fM%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
_abck=0CA9468EB2A45EFE0A0BD6AE190A2DF2~-1~YAAQtQplX7rWsHiIAQAA+SGbeQnVZjYui8W2fSrKxZEjs563cTGEMck2cG7SNR24DfxjzAKlNmu690N+F0Yzr1V0x3ITVLjbYaxXhc9SYKZapU+1aqjqw9AWWLK9Dup1zQNEbHVniw9g+hyw5PPP+1kQbU3zjPrQcZT6WnljWmBy5t05IyAlZeuSYBOpdPNTpAFTkOG+Zm+/ESuf6PUCXvzoI6Ohfu0tR3KXXtiKZ41BwGjWgYHEmTYs1Ez84b5wwVl2VgoDg6u2MYf81vyIzTyrI+QTUelf6DBeBU4e4SQ93KpQolnPPKOaV2bhWRJMtkQWC/jv8+eOQYWr+RtS5ePN6Yo+UlCCLo014BPlYw8mktrnnFjywhODryp/f9ju~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:29 GMT; Max-Age=31536000; Secure
bm_sz=74D11EE30E9E4A5FE452825EACD3739A~YAAQtQplX7vWsHiIAQAA+SGbeROmnGy0l0kkOTB0y9QgDQLaf82qBxveCQUKjTAodcsoeSKWD94hYf6QqteEEThQHEVpvr9jP1fwHw3oIoiCfMkl04XS5O3dws9vwzkgcs8HokCzjjyhSlPl92+/GKHSuzeY3OlGlYRq0zJQLrhup8wPcKnVWwnoYwj00VzMONrv6AcT0MUMm9+6m5eyopKyMFKp6NAPU+/f6BBHoUYeRvTuhdTa9ydrh84L58jc7XwHYR4j9d1DqxDBipWa/1moafaRyytGhj200PeW1a28g6ypLyFg~3621953~3748912; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBITjhVL3ZKME05dXgvQmJnMkR6T1VCNG9Jb1dHTkNQa2tFeEd6cUIxMFZySmUxRVRxNUMyZWxISUxrdTk2UW1GZUZPbGt6UExWb09lOW1zTzFpaHRrdm81OFBqSHdlVEh3M29wbk15bldaRkk5NHBVai9xVWdwZ3R5alJDL1VxL1NTME5oQUxrNGpKUStVOHB4c2o3dDhQbE9oNWF3OFNIR0p0enhxYzJBRC9VdmNCendCVGF5emw2dTQ5L2VQaEQraFU4emVzUzZyUHA1aitRY1RDbzJTeWRrVFZjTzdVTHNVZTVaWXlhWlpMM1M4L1d3eXp1Z21ZTXRSZDJ4ZXNnOW5GSis0L3VaSEV5VHRHL2VBUDl2Z0pVVEJYQnkxaFg4ajZhaUlVPXw2OGQxOWE0ZmRmZTEzNDczNzlmZGMzNWU0NDY4MWM1NTRiZGY1MDgxNWNiMzEyZWI2YjIyZmIwZTg4MWQwNTViNzZjZmE4MDU4ODBlNGQ4NmY2N2VmNzNkMGEyNGJiZjhjYzFlYmZmYThjYWU0MTRiZjdjYTI5MDA1NDg1MWYyZDExNjljZDYzYzVmODM2Y2ZiNWVjMWY3Mzk5MzZhOWU4ZjkzNzU2ZjYzYTg3ZmViNmUzYzBjZDVlNGFmYTZjMTZhNjUwZmEzMjY5YWIzY2I2NzIxYThlNjdiODQ3ZWMzMDU0ZTFmZDVlOTFjN2M1YmY4YTg3ZDYyZGUyOTk4MGU1ZmMyZjM5Y2VlNTM4N2YwNDY2NmExZTA5NWJiNzRiMzA2MTllYWY3ZjFmN2EwYmU0YjM2ZTdhOWY4MjliMmQwZmE3N2FlMzZkMjM1ZTcwZDgwNjYyNzg4Nzk1ZDA3ODU1YTQwNjcyOGE1ODM3NmQ3ZTZhNWZiMzZjOWYwNGRkZjBlOTJmZmUyMGQzNjI1YmI2ZjQ1OWYxNWQ1N2U3NGYyNDdkNzZkZGE4YzdhMTJmNTZlYThiZmFhOTMyMzBjMDNiMTcyYTE1MjFkMGNjMWI2NWQ2MjViZjhhZmU0OTEwY2VkYmY0MWYxODBjZTVkZTQ4OTY4ZmQ0MzE4N2M0M2IwOHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com&t=jsonp&c=mbamghnntnlbhrlg&eu=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F
95.101.10.136200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBITjhVL3ZKME05dXgvQmJnMkR6T1VCNG9Jb1dHTkNQa2tFeEd6cUIxMFZySmUxRVRxNUMyZWxISUxrdTk2UW1GZUZPbGt6UExWb09lOW1zTzFpaHRrdm81OFBqSHdlVEh3M29wbk15bldaRkk5NHBVai9xVWdwZ3R5alJDL1VxL1NTME5oQUxrNGpKUStVOHB4c2o3dDhQbE9oNWF3OFNIR0p0enhxYzJBRC9VdmNCendCVGF5emw2dTQ5L2VQaEQraFU4emVzUzZyUHA1aitRY1RDbzJTeWRrVFZjTzdVTHNVZTVaWXlhWlpMM1M4L1d3eXp1Z21ZTXRSZDJ4ZXNnOW5GSis0L3VaSEV5VHRHL2VBUDl2Z0pVVEJYQnkxaFg4ajZhaUlVPXw2OGQxOWE0ZmRmZTEzNDczNzlmZGMzNWU0NDY4MWM1NTRiZGY1MDgxNWNiMzEyZWI2YjIyZmIwZTg4MWQwNTViNzZjZmE4MDU4ODBlNGQ4NmY2N2VmNzNkMGEyNGJiZjhjYzFlYmZmYThjYWU0MTRiZjdjYTI5MDA1NDg1MWYyZDExNjljZDYzYzVmODM2Y2ZiNWVjMWY3Mzk5MzZhOWU4ZjkzNzU2ZjYzYTg3ZmViNmUzYzBjZDVlNGFmYTZjMTZhNjUwZmEzMjY5YWIzY2I2NzIxYThlNjdiODQ3ZWMzMDU0ZTFmZDVlOTFjN2M1YmY4YTg3ZDYyZGUyOTk4MGU1ZmMyZjM5Y2VlNTM4N2YwNDY2NmExZTA5NWJiNzRiMzA2MTllYWY3ZjFmN2EwYmU0YjM2ZTdhOWY4MjliMmQwZmE3N2FlMzZkMjM1ZTcwZDgwNjYyNzg4Nzk1ZDA3ODU1YTQwNjcyOGE1ODM3NmQ3ZTZhNWZiMzZjOWYwNGRkZjBlOTJmZmUyMGQzNjI1YmI2ZjQ1OWYxNWQ1N2U3NGYyNDdkNzZkZGE4YzdhMTJmNTZlYThiZmFhOTMyMzBjMDNiMTcyYTE1MjFkMGNjMWI2NWQ2MjViZjhhZmU0OTEwY2VkYmY0MWYxODBjZTVkZTQ4OTY4ZmQ0MzE4N2M0M2IwOHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com&t=jsonp&c=mbamghnntnlbhrlg&eu=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 378186479856e9d83db48019d8e82391
25a029ce0010a5ac946e52aef62d2515ab13e84f
6a510c9bd56f9e3b83c168d9096c5c629f46c2a096d8547159fafa31cb32cd24
GET /AIDO/vyHb?d=ZW5jZEBITjhVL3ZKME05dXgvQmJnMkR6T1VCNG9Jb1dHTkNQa2tFeEd6cUIxMFZySmUxRVRxNUMyZWxISUxrdTk2UW1GZUZPbGt6UExWb09lOW1zTzFpaHRrdm81OFBqSHdlVEh3M29wbk15bldaRkk5NHBVai9xVWdwZ3R5alJDL1VxL1NTME5oQUxrNGpKUStVOHB4c2o3dDhQbE9oNWF3OFNIR0p0enhxYzJBRC9VdmNCendCVGF5emw2dTQ5L2VQaEQraFU4emVzUzZyUHA1aitRY1RDbzJTeWRrVFZjTzdVTHNVZTVaWXlhWlpMM1M4L1d3eXp1Z21ZTXRSZDJ4ZXNnOW5GSis0L3VaSEV5VHRHL2VBUDl2Z0pVVEJYQnkxaFg4ajZhaUlVPXw2OGQxOWE0ZmRmZTEzNDczNzlmZGMzNWU0NDY4MWM1NTRiZGY1MDgxNWNiMzEyZWI2YjIyZmIwZTg4MWQwNTViNzZjZmE4MDU4ODBlNGQ4NmY2N2VmNzNkMGEyNGJiZjhjYzFlYmZmYThjYWU0MTRiZjdjYTI5MDA1NDg1MWYyZDExNjljZDYzYzVmODM2Y2ZiNWVjMWY3Mzk5MzZhOWU4ZjkzNzU2ZjYzYTg3ZmViNmUzYzBjZDVlNGFmYTZjMTZhNjUwZmEzMjY5YWIzY2I2NzIxYThlNjdiODQ3ZWMzMDU0ZTFmZDVlOTFjN2M1YmY4YTg3ZDYyZGUyOTk4MGU1ZmMyZjM5Y2VlNTM4N2YwNDY2NmExZTA5NWJiNzRiMzA2MTllYWY3ZjFmN2EwYmU0YjM2ZTdhOWY4MjliMmQwZmE3N2FlMzZkMjM1ZTcwZDgwNjYyNzg4Nzk1ZDA3ODU1YTQwNjcyOGE1ODM3NmQ3ZTZhNWZiMzZjOWYwNGRkZjBlOTJmZmUyMGQzNjI1YmI2ZjQ1OWYxNWQ1N2U3NGYyNDdkNzZkZGE4YzdhMTJmNTZlYThiZmFhOTMyMzBjMDNiMTcyYTE1MjFkMGNjMWI2NWQ2MjViZjhhZmU0OTEwY2VkYmY0MWYxODBjZTVkZTQ4OTY4ZmQ0MzE4N2M0M2IwOHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com&t=jsonp&c=mbamghnntnlbhrlg&eu=https%3A%2F%2Fwww--wellsfargo--com--g449329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 00:56:30 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=iGzb8mHfOc9DxBK0FkfRcEVZcnYKyZwmj6DMKqICmn4at%2fOMfT5D%2fK4+eAwB6cey; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:30 GMT;Httponly; Secure
_abck=CB42CF4582D4076EE31729FD011137E6~-1~YAAQhAplXxoADm2IAQAAKCObeQk/gy64VNHVKtOsPuzcLBMyX3NAh6LfkTu7/pYUM+wNpOs+DeXqvIjB9CPBUY1Hy0UBv6vO97SjIOePWWzhqW/lXaLHcZvVBI7esg/g5gd3p4LSs01wYa/TuszfhNUGKkSYKX1BklLy06yX64kSamY1MmZUnesDfTF4gJma6XRblFC3Cjs5YCSR32zRHdtmjR1amWS45pDlxUA0WtalhgcI8DxHc6gmxDzjgeFRTzfrcSOmljlSa0TOhjEBOyWT4JCoeKuGpbFxb4E+hBjmdqosL+YTD5sAOVn+usAp/aehD6NTO0YGyQ7NtUt7izVtIupD+f8tN8Wv0HagBpEecStOJBbOzenUSIHG5PEa~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:30 GMT; Max-Age=31536000; Secure
bm_sz=6B11F26D58D5FF84A988665089D0C126~YAAQhAplXxsADm2IAQAAKCObeRNpMb0vVUw7x7oyrwA4KFEM6r5Xo1gj82CQxzNOIBdyTPP7Q2sX9JoeB9droogvdKlnQ6GXjyFqHl2IaU45qFG5p3FSPMsRX/U3T0nblTn6E9zB4TKg4dCleCyUheMU1rM/dHq6FRquDsmVgUO1/IihQtnudn/cIECEpnpSMU4DiaLsdzEG9u6w860NKCUM+Olvrg8hl2dZZdahRfjjMWWsj5Lr2Hd7sakpZJTNdeVtnvZbiY4NiqiV25dPEzxqpdre3bWoY0a0jad6vyOBMQpLotW8~3356215~3163191; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:29 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5562921853485782
95.101.10.194200 OK 136 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.5562921853485782
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136477 bytes)
Hash 44fa8ecdca87de161267967c5527ae64
53bef5271074fc6e84245f9b91cee3b221d705b2
8dea7df38a8a848c969cfbe829e170b51cca58f06588ba31a7e1d9a00dd57ffe
GET /AIDO/mint.js?dt=login&r=0.5562921853485782 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136477
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 02 Jun 2023 00:56:30 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=QG7HSaIo4TBZyG0KEzdGDpeMF7xO+qJlt6qG28Lw0bnyCnBLvQ0BXfVAdCSdHiPQ; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
95.101.10.194200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash fd84add9ed27b6aa5d0cddb1be1d07cf
07d7f552e82c7b83c71b16358b7efb063d78cb5d
9c654e7372a81694d6ef749266dc5a5297433a6a8eb57e1aef8f7735720db0f7
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17970
Date: Fri, 02 Jun 2023 00:56:30 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:d710d55b-5eb9-44e6-8112-3649c8aa10e7; Expires=Fri, 02 Jun 2023 00:57:00 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:d710d55b-5eb9-44e6-8112-3649c8aa10e7|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 00:57:00 GMT; Path=/; Secure
SameSite=None; Expires=Fri, 02 Jun 2023 00:57:00 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Fri, 02 Jun 2023 00:57:00 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Fri, 02 Jun 2023 00:57:00 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=KhetXAY2V7I0FxNG3VrXL0gWVNQG5cwq1JCGZ1dvQjE%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:30 GMT;Httponly; Secure
_abck=1F1F90CAEFD655C57A6346AFF90BDD7B~-1~YAAQvgplX4+UCGuIAQAA2SWbeQktFQRkFE1EUnBwN8hiOiwuOeQqZu+Iw2jtLRpkgiF3ob0v2UYTbFQgjYjsUIkwLJuqQKdiiIByvh+vICEXOrN2PfC9aE71KVY+glkXg8f4dENRPQ8QNYykW1dTl0WjyoqtwwOk1lU1Y5puYP7yCHgTnNW8wav2WYyiEX1omuvvMvctQ3J4Sge+JYUEU7lPk8gCu19fm2sT8Zmf9lHgt1Mmc75oLL4QFagnTSfHdJtO2OxLkDGL8KJi+Q/UVIXTSMAePdlWe8JanIF5Md4BT1PsRaGP92rCjKaVYQ0UbwdPMnsyvRmPa6CRW3sn6IDgplKJzLJHV0TDKXZ0BTpWD2Lzxj8MdyHf27a3rMg+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:30 GMT; Max-Age=31536000; Secure
bm_sz=603360B1BB7B89AE58C63AF97F9C03D0~YAAQvgplX5CUCGuIAQAA2iWbeRMMEpeb46h4CRQesth1GkCxRBSpob6lHPV1o8M5HNLXNxYny5sIjji7zrR1jNFAVKb34PjiYwRZIRMDBsYaYVqgtY+cZg0Ltl3xycuR6CByfCRx0AMBBWKv2YAonvB0zwr4o1+F5y5OxNgaH1hHZUCcWI+XdFgniw5xLDxGgVA+Bsu68lgTGm4VMHOf6O7Kyd5sQuHxdUZT/qKTv+9IBcRw/6XpW/DFPeXTtoSGjIyKV2Hsgar5+0j4nFv98esamBD6hFRKYcQo+8SeO33VeBmpD5ry~4407602~4404536; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:30 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 85aa218a18915fe13f69ee8e84b9099e
f15b832aa001f4e4a56aac5fb5e151389a7f060b
5ed424d78d65049ceb92e0f39132dfa2da339ffd9e746bb3baabb8b021908775
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2044
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%2C%22c%22%3A%22aWJvTTV3MmpPS0hZTU5CSg%3D%3DUA_Vxx7a7iCAOUIMgjyNq5l6Gxbuva1o7alXJhUXyVjlkH-DQcDl7ILw9xEtJDwMte2XavctoSW6D9-7kd-b5VURDTSR2xi4iiQ%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0; ISD_WCM_COOKIE=!Wz30DVfMlUlAnvUGl7IZxfIs0wroUXoaFnashh3IojSZndayYgeX/LaqnHsUU50i7SiEbumGdHtX8U0=; ADRUM_BTa=R:27|g:1d3538d4-4a7b-4257-a9bb-d7ee7a3794c6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:19; _gcl_au=1.1.1242268935.1685667389; _ga=GA1.2.2057671245.1685667389; _gid=GA1.2.840926131.1685667389; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiXC9sa2RPWk1kUENNN211bGJoRit3Q2c9PSIsImUiOiJaYWdkU1ZqZlVQRlpidTlqNnR5aGszU2ZUSmxzM1JCbWhtZVNvRFdaWFZ0ZUxqbzFoOFpPdE5sOWZ5eXkyR0lkOFY3R3prdG56WWdkZmhYdlJjOWFIc0Z1aXhyWmZOXC9EZ0xSeDgzWHhnYVlZeVwvSWlmTXVaZGRmNkxTTXdzVkpuOXlUdEpTUGJRWTBTYjlIWHhUNjhcL0E9PSJ9.a21e264e28f0904a.YzY5ZDFiYTMwYTM4OGQzZjBlNDc5YjQzOTk0NDk0ZjA2N2IxY2FjYTI5NTY2MGJjZDE0ZjdmOTM5OTJmZDY4Yg%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RyH4pXCcjkYdeiyTRqOBbILzauh9v5pEmIRL%2f9u749+5eYzSJsOzAQyc1NeQa%2fta; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:31 GMT;Httponly; Secure
_abck=900E5615295D1AE9C91B81EF2D84F316~-1~YAAQlNAXAnRPbHaIAQAARiebeQkswmnlegNqyg35yJV2IUbxgpmBub7rjBlAi3OKV1P8soy/G/wpLsrUdMriIeRg6CoQVmCKJ0WxWKgzQSBLf1sK2URln1ZwT9kHsRDCe4HZU6w4VhUFPfATcoNg/496KKcrrVkkwmtPwUMDVJYn0M91uIhaGow/hNTVXWKYkztvzQWz0sMmpzUnNh4SiZec0OseoCVg7NVhluJRGwLrJyWIMr54/ppgM6n5BJaUiLdpbukY31bbFhri7m230tR0ypE2fuXrgK+1x/iYAp+qGTrhIPIVDgfjQRscskJ+cFWEyNrDUpo7O1Ecpw5JJRJ0hdFtZWGtWlrxnORCpZeJoiuGH7hdwNcwjGXHXYnH~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:31 GMT; Max-Age=31536000; Secure
bm_sz=03E4ACBDDF0E9710438897EB38B2CD32~YAAQlNAXAnVPbHaIAQAARiebeRPvhTu5y6oxEmBwvm00WXW5dRjPN2cyVmQlNes3QsmYwmqcRyiXVqki9X9jOyrnrdSV9tJAQiuufEvuj5psm638Gx4ey+QzWDbM5G+Y/hcHsx/MuBucx36VIwMbJU2clqtXk43l7PtZFh/+zP1+hF4lwCc1TTPq/wh1EHdEqL2Q9j3nxy425dpCho6ix3Bd6jtsLdsmV/Z0UBr2//3IBq119Pwib2cZqA7WJj9ZhcdHEQw0oXwLxl6VDSAWIWt3xNViVed7m/T2m2I4xPO8LtbkyecW~3163443~4273732; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:31 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3f_kf175_11820-24543
www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 55a035b7af1c6426854e4734ea4eb0ab
0a693e15e07bf858683d1261ec6efd16a4e53113
6b474848a39da04381aadb2f696fdb6062373d6ba315c405020084882ae15599
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6%22%2C%22c%22%3A%22aWJvTTV3MmpPS0hZTU5CSg%3D%3DUA_Vxx7a7iCAOUIMgjyNq5l6Gxbuva1o7alXJhUXyVjlkH-DQcDl7ILw9xEtJDwMte2XavctoSW6D9-7kd-b5VURDTSR2xi4iiQ%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0; ISD_WCM_COOKIE=!Wz30DVfMlUlAnvUGl7IZxfIs0wroUXoaFnashh3IojSZndayYgeX/LaqnHsUU50i7SiEbumGdHtX8U0=; ADRUM_BTa=R:27|g:1d3538d4-4a7b-4257-a9bb-d7ee7a3794c6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:19; _gcl_au=1.1.1242268935.1685667389; _ga=GA1.2.2057671245.1685667389; _gid=GA1.2.840926131.1685667389; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiXC9sa2RPWk1kUENNN211bGJoRit3Q2c9PSIsImUiOiJaYWdkU1ZqZlVQRlpidTlqNnR5aGszU2ZUSmxzM1JCbWhtZVNvRFdaWFZ0ZUxqbzFoOFpPdE5sOWZ5eXkyR0lkOFY3R3prdG56WWdkZmhYdlJjOWFIc0Z1aXhyWmZOXC9EZ0xSeDgzWHhnYVlZeVwvSWlmTXVaZGRmNkxTTXdzVkpuOXlUdEpTUGJRWTBTYjlIWHhUNjhcL0E9PSJ9.a21e264e28f0904a.YzY5ZDFiYTMwYTM4OGQzZjBlNDc5YjQzOTk0NDk0ZjA2N2IxY2FjYTI5NTY2MGJjZDE0ZjdmOTM5OTJmZDY4Yg%3D%3D; ndsid=ndsauhi2vfjumkiliduuazd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:31 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=EXIOegJsOERlEwMVf1FnX995eVGdgV9c+JbNm7fTX8KrtnSsQt2COaS0MbKucXGj; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:31 GMT;Httponly; Secure
_abck=5116E899AFD18DD0FFF9DAB86E5AEF22~-1~YAAQjtAXAvokd22IAQAAmSibeQnZPS5jR5tI19Fa1kqqDkiuVk3LY/CsEhmUp7rp8Dp/dq55PBF1kHnDVM8LJ+Mr0YyXBkHj9KHx9Yk3KY/lBOnV/LgZHm0wFv1CSP0+m1xqm9k3Wst+gkMGKzNfXGG65EIvL8k7i5PRgA5Im29jVN4hP1XszKRA+C3kFnC6bvhJEtx4m457EySqC/INDa9uBqZBIboRJ2rA1ki81OXd8R7INUlsMc3FMwcsC6pxGVGOyx4fDFwrBiBzsPpCNQS7dHZCzseOpMvhkKg9e91f3EYPNLRo2QmXInjExhfr9zeztVvAbYae9e9MH9NUvFECFgFhJVDaixYL+CHMmRwIJ9V56bB2CJIq8alv8jBk~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:31 GMT; Max-Age=31536000; Secure
bm_sz=610922FE73882FA80EE736E2A4327754~YAAQjtAXAvskd22IAQAAmSibeRPpT9DjYg2JwHmOKgYCHie3y7EbicYlLV/H31gkXpT7EWwL5HNoBwcXm/+X4+75qRlsAt0AFbLeh1gZzPn/ltEH7qgT6lorF6T+hNI/XwLqmR0LhStS/xid1Mrjkp39xe8vWcwV5r65VI0RsGGdnQJcNKUO4lN5s/SuQT+QSdzBRwGC2xp51UwLwnXiPaLKIOTxFuQUjd5LBsHLCwepZMxgE+WjYuhP6DJ2nCSDJeWD+GYnPEVwzQVA43RgVBAr38SvRRW6wfLQVBbB+STrHbmWgNWq~3163443~4273732; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:31 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e3f_kf175_11820-24545
www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--g449329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--g449329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!mBrHDe/AJyVnZx1nfhFjdbQk89Ydzg6KcZMmzmgA2irTJclOePEBVYlAaAyM/dY3BCPWt2Z0N1qMb4g=; utag_main=v_id:0188799b18020014e8502e9d3c4d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685669188338$ses_id:1685667387395%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTY5fKMb6hbF8CmqoxevqNh5DdaK3RyB8AlMoE2ko%2FE%3D%22%2C%22_s%22%3A%22RhtGcYt6yCrPXVyWkXoKmX7%2B%22%2C%22c%22%3A%22aWJvTTV3MmpPS0hZTU5CSg%3D%3DUA_Vxx7a7iCAOUIMgjyNq5l6Gxbuva1o7alXJhUXyVjlkH-DQcDl7ILw9xEtJDwMte2XavctoSW6D9-7kd-b5VURDTSR2xi4iiQ%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A20000%2C%22diA%22%3A%22AT8%2BeWQAAAAAUf9Hjq5slgQGf%2BxzhRDI%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22fr%22%3A%22hW8bR38RmKMP6lu7TVuNbg%3D%3DSVRoGLOOYJNc3-kGPDjl5MmLX3WFeGyL6QvRurDjaurIy7sfU8VpDIksG0AmSlvdSFrQPydwIGJWm-L1XTr3WreNoMOiytfuorRH9JLHtCc2St6FEZIt1HyU07E3SCXkX_A2S1XSlBpuvJUe08SzuksEDw_IaJxuw12SFCmdOPAWHZSyZNlBsNF0%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAveY7Riu3HkH90g%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C79042662669807241127214594726795526491%7CMCOPTOUT-1685674588s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0; ISD_WCM_COOKIE=!Wz30DVfMlUlAnvUGl7IZxfIs0wroUXoaFnashh3IojSZndayYgeX/LaqnHsUU50i7SiEbumGdHtX8U0=; ADRUM_BTa=R:27|g:1d3538d4-4a7b-4257-a9bb-d7ee7a3794c6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:19; _gcl_au=1.1.1242268935.1685667389; _ga=GA1.2.2057671245.1685667389; _gid=GA1.2.840926131.1685667389; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiXC9sa2RPWk1kUENNN211bGJoRit3Q2c9PSIsImUiOiJaYWdkU1ZqZlVQRlpidTlqNnR5aGszU2ZUSmxzM1JCbWhtZVNvRFdaWFZ0ZUxqbzFoOFpPdE5sOWZ5eXkyR0lkOFY3R3prdG56WWdkZmhYdlJjOWFIc0Z1aXhyWmZOXC9EZ0xSeDgzWHhnYVlZeVwvSWlmTXVaZGRmNkxTTXdzVkpuOXlUdEpTUGJRWTBTYjlIWHhUNjhcL0E9PSJ9.a21e264e28f0904a.YzY5ZDFiYTMwYTM4OGQzZjBlNDc5YjQzOTk0NDk0ZjA2N2IxY2FjYTI5NTY2MGJjZDE0ZjdmOTM5OTJmZDY4Yg%3D%3D; ndsid=ndsauhi2vfjumkiliduuazd; _imp_di_pc_=AT8%2BeWQAAAAAUf9Hjq5slgQGf%2BxzhRDI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 00:56:38 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Vh4Ebh6sY2wkCMLGCqxhU7KTZbDe+NbN9S%2fMBp5J42M%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:38 GMT;Httponly; Secure
_abck=60D3AABDB946573F4DD8A6DE6A72D84F~-1~YAAQjtAXAucld22IAQAABEObeQmGGB56AQek1b6CzHkJx0wv8KrH8UXh52A/mZGeJfLkgM6oDIeT65JiOrttq7muh9qjDW5L05mU8CsUTxcbe1AM9HHjSULGaq/UknsS/6V8OtZUfH64Sz3SZurZRjVUDdhYCyxtwQO3dFJDYlLZp79RUyGXzdWr5oB/EKo+FUIkzzN3dQUxO6J9BK/w8HDz87mYdBSbsEY6tkHO718N4w6oJsXQjbZ3o+wKF6c9NNySXR1SpM6Zx9PMsL9VY7p9HjABPsGeVi4Mpej/hEi38Yq+OqUCf2+s8pmPEd4DacHjHM9z9TRMP7PBJnBpQiz0jG8uqYwSdNhvAYZJrAUK7xzJXh59CaypLVP2s7zo~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 00:56:38 GMT; Max-Age=31536000; Secure
bm_sz=ADB8889E3999D79762A7C9D4DF175BD0~YAAQjtAXAugld22IAQAABEObeRP/3K3eV0bBvVoxRTVhVhOzwcVgoM7+RivE4im1pePHLkUfpu0ESoWJQWd395749JK586Giks+z2o2qM83u40KOK7Q2DDCwgsrpWGsKyUouMiz1+/g+uAUd4ZmDntMlWqXHnFitTikk12aGFRnKVTvI77p+0p12JPkh10kjzLezXnLu3G7a4Mbw/uVgK0YyQjegedvFc9PEKM5cM0TvTcpL3jDmdMdDJgH0Fw+AwHZ5ggLU3b57Br0xNLvljo2ZkewAM6Zvvidp0GFEBQg4kRq9TROe~4274228~3486000; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 04:56:38 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64793e46_kf175_11820-24662
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=2&cfg=32a3f9ce&pv=2&aid=
95.101.10.104 164 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=2&cfg=32a3f9ce&pv=2&aid=
IP 95.101.10.104:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c58e4ed58a01f35b3f7177189c58c7df
7790557e6a12a24209e477caa50d24f9adb10e34
7f88e31cce961c67bf7bb389dd01d6af352aa6e4d26f3f08bafae41f55356021
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34195
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 00:56:39 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!02abQQ81Rd3H8V554TfMmyz5FQ342fi+SJYd8eigFSa4V540AYDhvY+2Alvl6J7/H2r03ugThjaR8Nc=; path=/; Httponly; Secure
DCID=zETNaAiEUBStrIxT7onCHIw7c%2fUx7sDq1XRmwTFTTQI%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=3&cfg=32a3f9ce&pv=2&aid=
95.101.10.104 164 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 95.101.10.104:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c58e4ed58a01f35b3f7177189c58c7df
7790557e6a12a24209e477caa50d24f9adb10e34
7f88e31cce961c67bf7bb389dd01d6af352aa6e4d26f3f08bafae41f55356021
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0&_cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa&pid=b9e444aa-5016-4288-bd67-1ef240e61f55&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 49245
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=1e9ce14b-cd35-4255-a0fa-e963fdc3dffa; _cls_s=0cd26bd3-bab3-47ae-9bb0-0ba9347d432a:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 00:56:40 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!n1SuUvLT/p3nAul54TfMmyz5FQ342XmfMthPFEnFjzICqbkbUGb7s0ln3G8r/XXi9QkSXNP0W0F35nY=; path=/; Httponly; Secure
DCID=2AIVIn6HRR8STQVrP0wURUJUpNWYyn09WH1JYVN2Guw%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
34.213.146.121200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 34.213.146.121:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 00:56:30 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
34.213.146.121200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 34.213.146.121:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 00:56:30 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
34.213.146.121200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 34.213.146.121:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 1535
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 00:56:36 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:53c5002f-5591-451d-92e5-0dc15a7d9e9d; Path=/; Expires=Fri, 02-Jun-2023 00:57:06 GMT; Max-Age=30
ADRUM_BTa=R:55|g:53c5002f-5591-451d-92e5-0dc15a7d9e9d|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Fri, 02-Jun-2023 00:57:06 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Fri, 02-Jun-2023 00:57:06 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Fri, 02-Jun-2023 00:57:06 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:12; Path=/; Expires=Fri, 02-Jun-2023 00:57:06 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 12
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
95.101.10.136200 OK 610 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 95.101.10.136:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 610 kB (609503 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=y5nD8xoG1hfcslAUyDwl3ljtpP%2fl8hOyrxe8nK+HiGI%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
34.213.146.121200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 34.213.146.121:443
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 10879
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 00:56:30 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:9d1f5adf-d314-4302-bcf8-b14679bc074d; Path=/; Expires=Fri, 02-Jun-2023 00:57:00 GMT; Max-Age=30
ADRUM_BTa=R:55|g:9d1f5adf-d314-4302-bcf8-b14679bc074d|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Fri, 02-Jun-2023 00:57:00 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Fri, 02-Jun-2023 00:57:00 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Fri, 02-Jun-2023 00:57:00 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:18; Path=/; Expires=Fri, 02-Jun-2023 00:57:00 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
95.101.10.194200 OK 681 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 681 kB (680981 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=iqSb9A9m8PCg%2f2Kw5suRRwiLb0RY9ErLcdV9lukQF5r8DPCTd8OSPoh8qh0E09Gx; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
95.101.10.194200 OK 941 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 95.101.10.194:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 941 kB (941155 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--g449329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 00:56:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=RF36oMSPyrmdq9q8WLE6lBT1ptgN83bQF5crdeTk7JuJXynoQxnrmMcMO4Lm5%2fxC; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:11:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains