ocsp.dcocsp.cn/
47.246.44.231 471 B IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3d25d4accc054841904c210030f2765b
5586a01c7f26c3f1b55ffe41fe5ae219492a5334
733dd1e500076a819ae487f05161dd050d436d49a72c1d11e5c58760ef008bcf
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 02 Jun 2023 00:56:26 GMT
Ali-Swift-Global-Savetime: 1685667386
Via: cache21.l2de2[277,277,200-0,M], cache3.l2de2[279,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
Age: 1264
X-Cache: HIT TCP_MEM_HIT dirn:4:275760585
X-Swift-SaveTime: Fri, 02 Jun 2023 00:56:26 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9c16856686506912549e
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash c45705be639cf94b4679ccd6763e3544
a089627b35cccd874857db5720cdca46770f7bc8
332ad2e28ff16e680d25023c46349d8c7a056cfdc2c335fdebc387aff7b3f3ad
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:31 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18847
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-72c11290-6c8f-479b-aab6-2f3084095714' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18778 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb; Expires=Fri, 02 Jun 2023 01:18:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 01:18:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 01:18:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Fri, 02 Jun 2023 01:18:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:81; Expires=Fri, 02 Jun 2023 01:18:00 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230601181730239473600; domain=.wellsfargo.com; path=/; expires=30 May 2033 01:17:30 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; path=/; Httponly; Secure
DCID=B15V8hKCRHEDlgjAqRcRLCg7AhkcQNSN+S5KJ9x0T+I%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:30 GMT;Httponly; Secure
_abck=4453B72392793FFD6838BDA385F908E9~-1~YAAQjtAXApPVd22IAQAAo2CueQnORGLdpOiQvZ+bzDT1yX/T3UwRkURmOfSe+ePWnbRX4DthxgJCAwRiL2XV20EZKpNp3Aarn3kP67dEjmK6lQD3keI9eYyF0sscfOshibdVRhEytUjC5Yo451YL7d2X1Tws++KwKWlSR/PjuXTLJCMNrHujeXzr2X2C6nffvIztc40/oD8lziFN6KIGtndhX8IRLC+bXuysKkSagzUJ/7F1KHEfpEED73JBr9A3R//Dtag0Iege3dD6OZwZLvHADpCCvsQtJwMvSsbqAXE1bLl9eobPt/AlbZDzmoD5lS2iOQWNPxtsswDqOv6VsWF0cvXEgbkN2q2TyJmnt6ZCVJTo/jJGnmDXPHtK7KSv~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:31 GMT; Max-Age=31536000; Secure
bm_sz=D177C9A1CFAC9DC4E08754505614EFCB~YAAQjtAXApTVd22IAQAAo2CueRP88i5dT1oenwcRkr7JN/+M4xSbfKbzgpoHzR7QfiXoklxxbHeBOLON1n4D6N7r4Es5ZkGMXJV92+qUhW4+AYN5sbcDEspzaRQuTaWVdxCE6cPKQp3x7Gm+bZ26cz3e0gVLgXU4GvlvPnnGhwplMqDwqXVJEFsJlh6bay4OxrPV3iRIY+BhuVGL0WB/uK7R9qwQALZaDKMmYk8FncDF92PuVBR01GmUWLJ3ZfAKo06FnrTET4ZUJsZjAxfS7xPbs8YcJHxObpF4oFft2sVTkLU/OCA4~4600112~3551813; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:30 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432a_kf173_12351-20842
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
95.101.10.120200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 95.101.10.120:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Fri, 02 Jun 2023 01:17:31 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=WQH71zgSyEjkQimVnvBQzw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
95.101.10.120200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 95.101.10.120:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Fri, 02 Jun 2023 01:17:31 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=GIoOQcpOE7L8oSa8ytt%2fHQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.88.16.188200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=1210301
expires: Fri, 16 Jun 2023 01:29:12 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.88.16.188200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=1210321
expires: Fri, 16 Jun 2023 01:29:32 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.88.16.188200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=1210458
expires: Fri, 16 Jun 2023 01:31:49 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:31 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Thu, 01 Jun 2023 19:38:09 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: W/"643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12562-28410
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:31 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Thu, 01 Jun 2023 19:38:11 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12562-28411
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:31 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Thu, 01 Jun 2023 19:38:09 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: W/"643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12562-28412
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 77 kB URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 3b2227177307401f0ad66f16a01dfd5e
098aee523bc90b9abd2658dc3cad2b8d984c148c
f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:31 GMT
Content-Type: application/javascript
Content-Length: 76583
Connection: keep-alive
Stored-Attribute-Sha-Checksum: f9fce767b48efa5ba940f180d7210d6f9d5c1569743951fb756e574c8e8ce86e
Last-Modified: Wed, 26 Apr 2023 15:12:23 GMT
ETag: "5b8f9de7319f5214c46d203ee7c78f9bf749d0b7eaa059e3b1056741a3d903ac"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=TtZDwEeKuHqdVizzi0nFOg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=E42F54D18CDA98FC191B04D3FE198D19~-1~YAAQlNAXAol1bHaIAQAA6mGueQng1di2x1RxPwq1qE64JhOBTrQ+EiM0TeOvPE7yCYg73qydr76YZ4PClmH2iJchU4UERJ270DaCQnNVkhfTX6V0d7l58sQKo5DOMavnah4MaBUaBlIQA0eUskCAAca2F35h/CjmWQo45M2oy+Hw3K5ZOau1a1CkvsVKMGTpGItknGFO/rFpcvuMA8s2SAIxY7lV4ey2HGMDp2mCkCqpI/UYG8w6zUVZjj5hL4qBabldFrRae/luFtrQpox77gW8uJczGZ1G6/0lyTzCDrr7bFDADqoQkHa5MnivDdk5ccfiuYWMiX/y1c+vJogkWk7ORHIzUmL5kdagXixw72rIy0KJL1LzY4dr9FOawgCb~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:31 GMT; Max-Age=31536000; Secure
bm_sz=8FCFF5473BB34959D40AA269528F1784~YAAQlNAXAop1bHaIAQAA6mGueRNtltK8fUxCSAfhJr8bz56WQ7goRCWywSqgevQBnQDT/iLrp1s9nJZqVRmXy890FXWI91aGe+tuk3EX+hh75l+zPM2eSUKfacMnqpC45qiGYXeDk7nHC7CmvwDfO7yryOVY4hoqC4GXwaY5X1aWeKi8dwrJIwyW4jRum2JL1gu1F2Lf1VTgIsPgxFSDzCdKV+HRIwQ86dEZv3yqj1BepfC+/KpUhAJZUqVlFeukBt4xTdAZXZIMdng7O7Xv2KJiZ0ypdvNsfjB07bCih8f/6qk7w9OD~4342598~3225912; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:31 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12446-50687
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 0a10ebed0da9e2e168428dc314091c30
e222d14efce66669ff2f4683a10c00f027c8fafb
72d881955bb0bad4f33ae0b5226a2ba7199dbc58d0035b6d041d8d0b76d70136
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:31 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4281
Connection: keep-alive
Content-Encoding: gzip
Expires: Fri, 02 Jun 2023 01:17:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A-FhrnmIAQAABkoSLzPeD66gCBuCJ7aiJ6UfA6zv7ISEQ1MZfVK0vRDORF92AaOrhK-cuNk0wH8AADQwAAAAAA|1|0|07931c2e2760b50e3e18b53b60760b38f35e5d50; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=olribg97dq9mtsgzbFceYV0RaOby%2fAkUhgv6N8WVeSg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:31 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12351-20844
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.88.16.188200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=12850319
expires: Sat, 28 Oct 2023 18:49:30 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12993142
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12993142
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.88.16.188200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12850334
expires: Sat, 28 Oct 2023 18:49:45 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.88.16.188200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12917571
expires: Sun, 29 Oct 2023 13:30:22 GMT
date: Fri, 02 Jun 2023 01:17:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2487
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Fri, 02 Jun 2023 01:17:31 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Xo17wgylYrc1nJRzxxkuQg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=Xo17wgylYrc1nJRzxxkuQg%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=5229B8AAD8C1EE9FF56DA4B0C8E8E610~-1~YAAQlNAXAo91bHaIAQAA1GOueQlJqBQvNn5r+rWcxcnCAxnZBNXnkjo1PJkucKDlhp+5OjvAOpjUsQyZdZEWk0Y67YoUND3wxQQp6G7FeJJ6spAFJVPNVgB//WUYRH9l+Uib5rQz/txgun9SJJ41/b1GnI2Ygvj698iBvL9wMkIp4Q8flfVHNOB4jIkEOaB0C1pzC2UPLusGVd7LM8gtTi1sAl+mir4s5BlyP3ljcnRH15U3dOwLek5rBYU/nZOYbzgfeyWrirY+QF0ToeV2b+oIu5X5ff3JJdG89o1DT/DyAXxD6NZw2D2NZKB7PGRgamlFk0q2BWCSJrLcGP5ZtYjzHWGwr05zslj/0BbOweZoFu/nM9Z+8yhm6slaa76W~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:31 GMT; Max-Age=31536000; Secure
bm_sz=C0C4AE1A02D2CE861E3C91E53FEB4F7B~YAAQlNAXApB1bHaIAQAA1GOueRPvmOSed3h8lzYshF3B3Apb/vLYjlnQQOpOGs9tml7Hie6/Fg2vDlwAj38H+AkD/P7vFdTPrfGUzrpndHuOjGkNjIBjkbsLq4mfDiGHoGE3QwC6cCrBhVS0OKXlGfsHph4BVw7di3dcmLAX600NbpLyDSxwxgLuKBouzqyz/dlKtvDHWRCjTi8tx6WeqUfuFSLYROi/YATlhar1nbdtLQ8ddKJgi6l9lplIX4/faYJ97L5qQGwjjQiNhkjVF3hSWx0BJkWCirxxsKIcIboJwxB43HQi~4342598~3225912; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:31 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12562-28419
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.32200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Fri, 02 Jun 2023 01:17:32 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=9AG4QSaiT1e67zbyCyzbvQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIBWnnmIAQAApVfRiY1b_fcv022V3IS2FOh2Ch33s-6-EkwVLPC3TfHmis8C&X-G2Q3kxs3--z=q
163.171.132.220200 OK 149 kB URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AIBWnnmIAQAApVfRiY1b_fcv022V3IS2FOh2Ch33s-6-EkwVLPC3TfHmis8C&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 149 kB (149173 bytes)
Hash 578ce68e8b531ccec33c0b438dc9abb8
876dbca4639bcb9529f784e18669fa18760eed22
4052ed8ef902745cb22b0d90aeb0e7073482b8cad5bd93a8782a0d6994a2af84
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AIBWnnmIAQAApVfRiY1b_fcv022V3IS2FOh2Ch33s-6-EkwVLPC3TfHmis8C&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:32 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 149173
Connection: keep-alive
Content-Encoding: gzip
Expires: Fri, 02 Jun 2023 01:17:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=AwtjrnmIAQAAw1NizySnMSVNtsd-QXWsJ9jyEXD4ZBYZbq0UjEzH2btIhuMEAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|3546e441981782c99993377ee560072267bd6dd0; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=45wFuAqFxQ7W%2fPC5fFsH+0iVkA46AfRiyAGioLR+%2f0%2fI4D5Q1L+da%2fluu+BMdJgj; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:31 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12446-50689
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.0 kB URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (9854), with no line terminators
Hash 006a237bdc7a25bb2919b13ac6b8450d
53062b8286856b90fc4f7b03818ad41252cad318
03e895b6463138d3f541af4c5a43fa66dc6d87417159d192d5b15b05425a0d23
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:32 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2008
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-06974263-878c-4fd8-a87f-b55e0b1653f3' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:81; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a; Expires=Fri, 02 Jun 2023 01:18:01 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 01:18:01 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 01:18:01 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Fri, 02 Jun 2023 01:18:01 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:217; Expires=Fri, 02 Jun 2023 01:18:01 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230601181731983602705; domain=.wellsfargo.com; path=/; expires=30 May 2033 01:17:31 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=2BC3B11DD30BC3F55D937BD7B5B46B2A; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=F3RZPLeuy3F7UTiQZg5HpXRYC9jX7lWi9BncpgAgbts8O9fnEouGAlr83tHvn6j0; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:31 GMT;Httponly; Secure
_abck=FD901239A691E80815C3FB83AA842910~-1~YAAQjtAXAqPVd22IAQAA5GSueQm0a+y7+1QgxFPNentTtzDK0C+dlwqQVS92DztskiWCI+kW48EcDwwmonRZB4W9+3LSGqDAAe5dMTRR8bnspVBfIq1+D2cghd36nrVb9PsFZjmCaOLhC3dHEGiVSllCf2zpF2/rF3m9fqNYqVEWIkKcXBUDRw9cTwT5427QqetDTPSPCCcRt2J+xSqBtJj+OH3nxXqhfpOHXmKFsR/KlPF9IL1+Commkx2xfuDtJh0n6WGCxk3vsNpr97AKXhTgSeP1bjbrveJf5TAqTgG9f++tHzFC9T8vDfaOCNkZYwxac7S9nfBMsS2oGeyR2T6LSdMsXw3/3U+AlENE+HQqWKEPh+LJjHaKFuOXFWFD~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:32 GMT; Max-Age=31536000; Secure
bm_sz=8EC69C4E687536580C371CF7F3A40F8C~YAAQjtAXAqTVd22IAQAA5GSueRNKvKhd4MfuJlEudYoyxYMmq63yjl3eA5H7Xnp7qsFTgm+Fp3TR4ajYUdXoaFqBan87zn5AjiviB7hvPl6Hl1U71Uq//fdxNFHqEEMMdFjzk4hTuVZ6dvCcwCAAOrLAtD2Ub6hh1IVLno4prNKjLLUeZMWd7d+dCb7AoKfma1fmCKPgDntxuE9RhVDZDxY74i55ZoB+xNm2/24R13YgNQY3Jqng4CfVgQ/vrLZQgh/mT4jastDQ3GVTxWYeZ9e5BaNXNHBjxl+h6YkEjvhX7N9EYpdW~4342598~3225912; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:31 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12562-28416
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:8a359dac-c6fe-4163-96f3-c0cc28c5e4bb|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:81; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:32 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Fri, 02 Jun 2023 01:17:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=NtVLUdKl05gHjSHaoHxNp1HfoeWEQ7qoPMmPwC2oLVA%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:31 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432b_kf173_12562-28415
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.88.16.188200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=44151
expires: Fri, 02 Jun 2023 13:33:23 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.88.16.188200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=1210407
expires: Fri, 16 Jun 2023 01:30:59 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wf00_ph_g_1167564936_1700x700.jpg
104.88.16.188200 OK 10 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wf00_ph_g_1167564936_1700x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 934c3d90c9ac910c1eb0b55dce750e8a
dd2e2fae6829eedc3db24cba8ab71f861a9dc5af
fe083d5da7b2622a8578000b01fa68294bd737f347d6764927803fe294dcb364
GET /assets/images/contextual/responsive/hpprimary/wf00_ph_g_1167564936_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a9360e-17bcb"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
x-serial: 1804
x-check-cacheable: YES
content-length: 10031
content-type: image/avif
cache-control: private, no-transform, max-age=1104549
expires: Wed, 14 Jun 2023 20:06:41 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
104.88.16.188200 OK 24 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87b3f9d652a18e74ea8ef53a99b251d6
8773c9b3a11fb9247039d731888724ccfb74bb5d
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c49-e902"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 23508
content-type: image/avif
cache-control: private, no-transform, max-age=1210285
expires: Fri, 16 Jun 2023 01:28:57 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
104.88.16.188200 OK 44 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 9534a04615e76afcd0a4dda5cdf8dd7e
516d3a11907386abf70170a54409523592c068aa
d7579baa6c30dad3cc501d73364183349ac085fcfea7c2af16aaa11532bc5907
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505837-def7"
last-modified: Thu, 20 Apr 2023 01:40:39 GMT
server: Akamai Image Manager
content-length: 43802
content-type: image/avif
cache-control: private, no-transform, max-age=1211051
expires: Fri, 16 Jun 2023 01:41:43 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=1210230
expires: Fri, 16 Jun 2023 01:28:02 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
104.88.16.188200 OK 39 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 5d115cb30ce945de0d431748aa0b6073
e1af15a87872a93c56598fe21c82c252a7c82345
8f0441ba6cd327f630ce1653262816ae3fb9abf2db73b70c50be3e66c51dfd8f
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505859-e2ce"
last-modified: Thu, 20 Apr 2023 01:30:34 GMT
server: Akamai Image Manager
content-length: 39415
content-type: image/avif
cache-control: private, no-transform, max-age=1210365
expires: Fri, 16 Jun 2023 01:30:17 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1210362
expires: Fri, 16 Jun 2023 01:30:14 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/creditcard_color_gradient_64x64x.png
104.88.16.188200 OK 526 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/creditcard_color_gradient_64x64x.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ca743053bce3493b932876555f9bacc5
89fb52f6517d4f2fa07fe71c33eeb2aa1676bcb7
9dc0e3746d9af9d06d8d135150885a3154037b7c4afb65a8118cf4df083a1c29
GET /assets/images/contextual/responsive/smlprimary/creditcard_color_gradient_64x64x.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62572c9d-1250"
last-modified: Thu, 20 Apr 2023 01:31:15 GMT
server: Akamai Image Manager
content-length: 526
content-type: image/webp
cache-control: private, no-transform, max-age=1212530
expires: Fri, 16 Jun 2023 02:06:22 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_blackcard_eng_1600x700.jpg
104.88.16.188200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_blackcard_eng_1600x700.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 74bb736589236fc007e166171852918f
35e26f784951502abef43963ed25a47dd0ff5aca
9e8a56fc85087fc3ad8ae077939a6b2878ab077b787521ca8d9e2374c84d71ca
GET /assets/images/contextual/responsive/lpromo/wfi_ph_hplp_blackcard_eng_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "644ad4c9-176d7"
last-modified: Tue, 09 May 2023 15:21:49 GMT
server: Akamai Image Manager
x-serial: 38
x-check-cacheable: YES
content-length: 30821
content-type: image/avif
cache-control: private, no-transform, max-age=568939
expires: Thu, 08 Jun 2023 15:19:51 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.88.16.188200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=1210454
expires: Fri, 16 Jun 2023 01:31:46 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.88.16.188200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=1210477
expires: Fri, 16 Jun 2023 01:32:09 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.88.16.188200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=1210599
expires: Fri, 16 Jun 2023 01:34:11 GMT
date: Fri, 02 Jun 2023 01:17:32 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.88.16.188200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=1210331
expires: Fri, 16 Jun 2023 01:29:44 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.88.16.188200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=1105272
expires: Wed, 14 Jun 2023 20:18:45 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.88.16.188200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=1210325
expires: Fri, 16 Jun 2023 01:29:38 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.88.16.188200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=1210239
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2584
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:1$_ss:1$_st:1685670451663$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Fri, 02 Jun 2023 01:17:33 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=LWVbn4FKmOwdi%2fI1KkQU3Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=LWVbn4FKmOwdi%2fI1KkQU3Q%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=38C1FA455C9ACCD3DD733F4A4D51564F~-1~YAAQlNAXApt1bHaIAQAAzWeueQnlkniyGrpBA1x9jRenrej8s1yHqK/XPrGjKPn8T7eVkFz7Fx3f7q6fuJQah+xNvq7pmuowEz+5MJQoPfKcfntFY5oWFG4BKK41nPs7dkSFuUft4WKXzmMWiiCielY3tB7jekiaAm6f4fLX9aFJsQmCyP0FZ07wGU+uaQ3NV/wb4qI1acDgf39rNE1fBI+PjMNrobpG1DkjbJ3n4rBMrh9aHpb+tlL1sut2z73klf6/TZeCkmJttnqd9tIuubaT67ieGgUcpBdLPgGnVEZhSWA92FU1lSENOw47Vxd+YnoAzQJOlUo4nh2mDoi/3xMxL6tZoNkro647/r+G8xhYZfTfghQvvkua+EUPHsFV~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:33 GMT; Max-Age=31536000; Secure
bm_sz=7928A302F0A9C5217A1989A73C6AD2CB~YAAQlNAXApx1bHaIAQAAzWeueRPDRz0ZvV2DKXaClEKXNNIjfQx5lSzfYQsmoBv0mveOkUQQSoPVYrR4S6s0Q4SUXT7UccGjVhkw5ATAv1i0FHvpN/lerbNxThUIhAZBORCSeAENbf6ZDBeYTWfxNffHdHFQ8Mxmhl7nmDxhYF7oYNZixpFQSCA5UQLoVMziyVulRQtGeIUr2ogK7pSl12/2XwFj8wt60OBPhJd7NFr91lIpsdvE1cfR2HsX2jdHfuYYwPN9hIok/ari53kE4Cv24Q0zyWRHbHIGZJR0LYZJSzYOG6Ax~4604216~3749176; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:32 GMT; Max-Age=14399
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432c_kf173_12562-28428
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.88.16.188200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=1210387
expires: Fri, 16 Jun 2023 01:30:40 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.88.16.188200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=1210650
expires: Fri, 16 Jun 2023 01:35:03 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.88.16.188200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=1210215
expires: Fri, 16 Jun 2023 01:27:48 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.88.16.188200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.88.16.188:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=1210233
expires: Fri, 16 Jun 2023 01:28:06 GMT
date: Fri, 02 Jun 2023 01:17:33 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.24200 OK 150 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150041 bytes)
Hash 1f8ffb619ce75527fd10020a4499c51e
06f4daa495e2536fa162c4e6399edf104df89a97
30e897c70f318e4cf41b2dfa34d2cb45d7dc1980ec7b3012ff132234f04fa913
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 02 Jun 2023 01:17:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A6JnrnmIAQAAMDFVkBbDGqF7zHncnWorUMK-LKuXxH0FfSpqqzhgPq1TyXqOAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|dc97aa941c995fca840e0b18265affa2388ce732; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=J3w1XNncQTf9sNd37NaSDCoxaoZAHg+f1l2x1Ml8lX4H5TX69Gd+IfCed7NwQ7e6; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:32 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.32200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=D5oo3lI8xkFOLzRPowognQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=G4k9jVkVufNLnO+%2f8qEt0w%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.24200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Hbzs+60szVva001UefVJXyIAGtaxpTvDJTsTHHlAIXuKa6ZvAJzGk7ijhZiWOdYa; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
95.101.10.120200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 95.101.10.120:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=uml4zQfqaR+TUnhRccTHWA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 55e292efd607bd17efedcef3c1273efe
48f7fa7ce96a02154403c8399fc111bf54a69c57
fb2c7c94c82646b0673c78041b3316469cad3ed35ef537dc60f108d33367ac6d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------340067920313232112031985868551
Content-Length: 171
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:1$_ss:1$_st:1685670451663$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:33 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=gQ25x5hgDrTO3s7giGrlrixx9DH5U8MuuMr7OkbFtDg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
_abck=683517681B525B57C07634F889D97931~-1~YAAQjtAXArbVd22IAQAA62mueQnk/ueiTK4mK/XIXaHsYPKH+KlAY3OuT0shANSsdImybxzqNkBSwPNKwf4FdxAM/t8chVYZLPRyCyXVgbCqx3p4O5ZnHtLccWVq7lfvHSCwCNEiDgia45Pqhy1UmKnXco6KsmJ6e8ItDdGsm78FRo83pjWlnk0HobbOcljHlOSOaGlG1jf3LikKNd0qgxZ7pk2fKcskyjOlPN/K6VoeSb6IeniLXBhGw/VWFZ0YIErecArsV8are65hMDs9DIqj9vZEye47N1YV6QkTlD294EKDi9wf4TieFQvtJMmLkGU9ZXpso62yhxTDvRD3L2aiVB3XzkxkuEMlM7wmnM1okMF6jcqBaRZmdT2d4TD+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:33 GMT; Max-Age=31536000; Secure
bm_sz=2648B75ACF9562CF23954EEB2133EBFD~YAAQjtAXArfVd22IAQAA62mueRNbC+sL5JYGGPyrYqLIn6Kie0Dk5OTmcMgEncPNSYTdoc6h8wvJquEG4K2QCTFYemYTLvJ2GLOtabMasB72JxwPB8QZc5iMt8dIP2FX1QCV0EVvtAo6lg2oImUvQ0SVRoL1dRgYOd5IkxDraicscIlY885G9870kknn9mIf+LQ3qeIdqHNKWowFMFRcslbIyHNW8w0Ts3RSjgY/ZYsp8J9pdo8/ZaUUFhV+aG6wFOCx3wjWALFPYMiukWVOr2E+dHPgALBeMJVxNs3Pq7vLjvf3GtEz~3686960~3684400; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:33 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432d_kf173_12562-28436
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
23.36.79.34200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=QCd%2fI6WiGErNIBPwzdRJ4Q%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
23.36.79.34200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=azoQGYX3FxNDqLYzGBraIA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /DdrkOpEh7E5gp/UP7svlzv4G1/TdM/1DEuGftzfLfE/OyhvFgoadAI/Eg/cwXltKV34 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2611
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:1$_ss:1$_st:1685670451663$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Fri, 02 Jun 2023 01:17:33 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qFfkIR929ZZ+0B9EfrZ04w%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=qFfkIR929ZZ+0B9EfrZ04w%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=1AFB3F94406929B88B6F45370AB45130~-1~YAAQlNAXAqB1bHaIAQAAFWqueQl5bHjS9MT1MDiBQUSzCGXAPesmOGxmwFAFDJhr6DXDDPAP+oniCqqmxqeJxJTi44SBjmHryNiveZvYIPYt71XBz++t30wmxtkMrAM8lXJQQl7aoYLsDqgwlfUqXojKhc86BUsbyG0Gfs2Y9cXT6uBe8e5EUugtzEFFQpcUqBs1xKz4TLSKnUcz6x3GiYwOpZ19lhkD1MUB+8TpcH4dphYXDGnKwuTH9JmtchtBy2Uh9xYLpmJ0hotlqoGveN53hXllRrP3J+I7ioFXFxbZ10qG0D2RRkOfRJurtKilukP7bMGYNuspoHOwBDuS4dxMH2KKYBcYw1xJMNUeIPpxc6urAuiZKBIYdBhUCjhQ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:33 GMT; Max-Age=31536000; Secure
bm_sz=1F10C79DB587C73204CF61153D6C0505~YAAQlNAXAqF1bHaIAQAAFWqueRMPgTPzB2HGzXWFAhYy2hQJPRwgWOGY/013+S9MC4DMWYLy6y4TgK3fO8RkrCa3EyEECev3Y95Gh+pXgZDjxhrxJu6eIDVuwO7wl/yiMEheZeizv3OvgNFRSXaNccBO0I5VPWp1lNI9jSvtoqu12So4Y4CFSkIX8LN4EvSP5qhSk8Qu5AX/J633nRU1SshFEwSeU6QFW2YAA3a70uRQzibVqBh8bjep4HSrTDU7TcoW1oY+/TvrJViAn388PdVyt6AALioTbIFSramCpEAuQmY8HU0/~3686960~3684400; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:33 GMT; Max-Age=14400
X-Via: 1.1 kf182:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432d_kf173_12446-50706
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
23.36.79.24200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=YAMl3us7Q5ftRYMp71d6PUr6pXhV8vwLUIcoidocndC84RQEWjqyQDlxTrJW0lnj; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=HdY+LwUNjt5VcCVrlS+wpw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nQt51Y6wYioeop%2fEa8PGpg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
23.36.79.34200 OK 308 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 308 kB (307653 bytes)
Hash c85014374233a557bb0c3371506bb5a0
aeb987debdb406b79606440a165a027770ee03c7
79c53c9a2acedfe344e6246a510b6c7a687fb868006a15f7afd5886a1b88abf1
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=BBAFwlN7VpcPQpDBT5G20hfwscxWDY6d9Nwz34sHJ8P3jfHxbpSM9QPtlAhzZWsW; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.24200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=dA4hTYmA2%2fx2GBIbXin3tqDeVQitr%2f+PlVr8Pmmn%2fE1DKQ1B5AW9YWlBAmvEJzeJ; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.32200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=R5pP5yVacpk0HOaAYm9f6Q%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8%3A0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pv=2&f_cls_s=true
95.101.10.203200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8%3A0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pv=2&f_cls_s=true
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 2c38ffeb10bdd50f23390686c4d0f43c
235ad7ad05755598baa4ff40bbbb272091db84ee
f1ac4cb8bd603217478aca9aa39c9605621ce63a13819f028ac0456afd94fc33
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8%3A0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1145
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cnection: close
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!1CYYIqhHS7Os/jXpnNE5eVRfS7HzY9PXSLBdrv1wMlQP2O38xv0MOp9KVjYapJ98NlPtrvSPgGfFEQ==; path=/; Httponly; Secure
DCID=nVoAxRlWOraiGFB8XHvDIbNfgarZLWBKUBg9DgbUv+%2fskjC3pemGBy1gCGJwkhDo; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653481&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653481&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653481&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=AzhOp40fsfiSnlpREQRpYDLLI2Ln0S91keuP%2fcl6O3Y%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432d_kf173_12562-28444
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653564&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653564&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653564&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=gMy+rLYOaDU0ufqfdAgrb9JPebaF30bqrcWWGyfEveE0lVBTorNRgK8AWl8k5Lcp; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12446-50712
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653570&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653570&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653570&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=XiXpajyC6WbqzGryipKRNZudfYXjzL8ThZw8ppP9Gc0UeJREavCFb47HDUGhrmCj; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28446
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.32200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=HPaQI6%2fite9m0pCtFNfbUg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.32200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ihFtvb8kjTbJbH%2fDUsAYDg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
95.101.10.120200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 95.101.10.120:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=E0iINm73XGYAe5yjEh7pAg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653583&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-228317-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653583&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-228317-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653583&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-228317-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Z2PnqnZxNX8+6eNFrvPtQc9GkSMgHVfYmma0tcA45NU%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12351-20882
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.24200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b5f8db6db25226257ba36c8977297184
3aecae9de5ff03ea82669a456c91679650e12d5c
d9a9cebf1d18dbf4b2dea84d617aec2841d09ce9a965c5e0c8c1ec879ffcec1a
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37166
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=BynK07cdxlwFPkiEytmYOATIVpDxz2U8pfn+hYKdr5qU8HGZJbDOD0RXIQh1bjGn; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653577&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653577&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653577&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=veESnSvjLKc4ciFMrb6RPy6Q+sjoGTfrbQZVCAa2pU7ZuNOfBBzglqMdX%2fHtCThC; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28447
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653586&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_wtr_accessrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228317-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653586&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_wtr_accessrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228317-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653586&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_wtr_accessrspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-228317-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=BsVcR7piMK0Rfd0FUClQmmAnWR0UgtAAyBe+pLBGL8l201DokccR4a1d7yxdJpXs; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28448
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653593&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653593&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653593&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=azXceAMUjkO6Ecvpqq4Uh%2fd82Wa8C8EW%2fCCn1UurtQrXa+7ID3H9yzzJgNGDS4V7; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12446-50714
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653597&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653597&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653597&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=jCmNLHUDzfsT0vjrmXrYP0LAiDz7iivtlrZKjhCvEJZB4J%2fQyx7zx13kIXhgm9eL; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28453
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7395848496152166
23.36.79.24200 OK 136 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7395848496152166
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136545 bytes)
Hash 4d233c18832604309272b31a78ba6396
8cc10d9531edb750594fdb1a445b0af1ef4aa5b0
387597f11b40403f520aff627e8c3caf7f5b8e64dcead34b55cf502605e69e79
GET /AIDO/mint.js?dt=login&r=0.7395848496152166 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136545
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=LMttacDhcfATe1Kmk15EAVHJwT09FTQJqb5KO6j%2ftJeGLH5gvof4SojWOPohDKVC; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.32200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.32:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6jPf8aro7fo2d66I3MQITw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653590&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653590&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653590&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=b3uLb%2fJnQo0YdMsH7GU9Uhcgt0IZ8n+Ai3Cy7dxV2IU55XVMh8br6s15aFuF7xNx; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28449
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653607&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_tk1biltcardlaunchrspv_smlpromo&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653607&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_tk1biltcardlaunchrspv_smlpromo&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653607&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_ccd_tk1biltcardlaunchrspv_smlpromo&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=hON2zfujrv%2fQtynBe9HrEWVhZFnHxtXpDImngq1h0U8cEqFBqcPiKmQm7oPsTG0P; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28455
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653611&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653611&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653611&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=9lid8j+AXnW%2fqKfUPqzJuhR7eFFdbs1xrEfI7FpjdRR82AAeCLDQJUc+fTDe+fQX; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12446-50717
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653600&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653600&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653600&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=AFXvWkuxpo5E1G7gTFM%2fdRNGrYGZ45vR1lGfpzkDWp8%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12351-20886
ort.wellsfargo.com/securereporting/reporting/v1/csp
23.36.79.17 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 9940d4aa-60f3-4a8b-63ff-692e757961a1
X-Xss-Protection: 1; mode=block
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:765fbe8d-5371-4c58-8905-d08a7e30d3dd; Max-Age=30; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:765fbe8d-5371-4c58-8905-d08a7e30d3dd|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2; Max-Age=30; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:2|d:2; Max-Age=30; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure
DCID=XZ6ncudYnhvWwdNyjVTNOcivomoT+g7vue0q1g+RRtw%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
_abck=738E71B56B043599DA5711D9CBF09BEB~-1~YAAQDU8kFzA0v2yIAQAAP26ueQlH37WstJ7xqnyVNOZ6xChme0ODbuZe5Z/HZOmanMLOr9tPxLqzF3+xI5MjE4BBeZ98TJxeJy69wyHGkX+uQQJuHGdnymG0rKSj/uJmv4KFXj0WWtDG9KpgsyMo+8HTLONbmXVqVJ6rV/QnzTaVsoJ2gC/Ct5NmiTBZpiyzYUA+wo3Xu0FvSipxdk0/a45fzW4DecHcpMwSoTRGbuzgbORw0zzq6kyOE/F7vN10quOy0SMSOchfugIXSGx8GFnXi7iLB72LvJPnqrO6IuUM9bh1BPI2monPF86e2I39rwXzeUdbOqHaGWg+D0D9rUGYTp4HHNKIJsSyD5QbwHC0BEN4jwq6PJTk9S6rgyRZ~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Max-Age=31536000; Secure
bm_sz=F23E8BA597A703D09AAFA604E686C1D9~YAAQDU8kFzE0v2yIAQAAP26ueRNBzaU3PmQrFpkIfBLTblUcG38kAML9k8QtLAZkAsMewFwepBBjIfPRqcVkBfxGlJ69gNne5443h/ry6LO44HlLi81uZbdUljEl5EFY34H8WkrPcThjv28eKVVcddKAN/tfNDr36kqsMOpyszFMVn0/fH113+XGlX2URIUyva68gvlEMCRg0BGr6I7Ue7amF10AanCkXVC5eIepKgEQmM8UM7EckHlm/O5QijPjg38ARCPEmBwrGnCsfIvT1jEhz/lwkwv4WiSqAxsjJmDMUcqhn3pz~3158326~3425094; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:34 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 967 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2434), with no line terminators
Hash b8ede86a9dc07a2044c9f7560a75a6c2
196c4aed0e57c3466b5dcda07f4221ca86485ef1
e0f15569c4ee254c7ff9cd73e53d581e90cc013d866c297593e08b46f7db7ea3
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 967
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-9b0b38ee-1284-4197-b21d-1fc8ed154f04' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:217; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:81317f56-f299-43dd-a47e-3b38ace21dee; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:81317f56-f299-43dd-a47e-3b38ace21dee|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:21; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=C842469672166870914452229A180E1A; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230601181734444554746; domain=.wellsfargo.com; path=/; expires=30 May 2033 01:17:34 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!MY4FmNXU20A63RgGl7IZxfIs0wroUQEhfznS97OS92XuT08/ZhQch6ttH0sFiF+yAzLKlsNAOgWBgGc=; path=/; Httponly; Secure
DCID=DRoFql4xYSgOIO2sqMKVbmioXzlplDeyqw6ZrbhOm1c%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
_abck=DE672EE021A9C048EFE84C4A448162B1~-1~YAAQjtAXAs7Vd22IAQAAU26ueQmUjy0CU3wAHFdfPm4EMhLhWpbYgaMNG4QNh6Wu8H7482v72/KZ7TJ5KDoC72vx4Uv8TKRDInF/1nkGHlY+G+/a9BEoeRYhZM9H3VxKTHNKVNx8giU5mC++JuXVNvFgWD6ZcAtyTEhYUzAg43V7v7My4YgJmo/eZceLnDWBQFL9Jjy0xdDJKx2n/Tk0jiIQXtcKKJG2HgqVuQTj6r/jW2LlRnlckkV0pxiLmazy/EfQBV4j4gg2APuE87ZYuaFNMmXIu2ShJMIy5AYFUosNv8Ltv1LCw8PuYMXdIGv+r9IrWdey2LmU8IdZf9ATX//cryDZMAlWph/vDbUun2JWZiKqgdHZaBNcITNyRXko~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Max-Age=31536000; Secure
bm_sz=AFF49129903FB97E8BE63C5B6474B4E2~YAAQjtAXAs/Vd22IAQAAU26ueRPGoyC5/bCHIsDTIkSrwJs8sK73+C65dVlxuG757cXfr8cHXjpQEFAvXky71UqvvXgQr5CGS6EkOxskn9qh9ua+ukUHgRMu/EECTGjgVdxMLJsGtpQ51P17EVl/O1B25uoSONc7LY+Bih5Q/t7rhkKCIOG9halQWc7ufsXSGwOTIfhmgSv5UZTDIMAvNJyNjutA1Y4A/3u05leXtyIkaBXq0QRcFEGf6A7l5OMFdYBkmxPMOoDpP0uk8vVLdtHLphYXd7AWfumQfZSnSWueerbAG/+Y~3359285~3159105; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:34 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28458
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 962 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2430), with no line terminators
Hash c49683ea9195df1e62bb729f07d29b63
df2214af157e12550171c7d9ef81c073eda4201e
45af78bef1f46c3090eef119941706b536948a818fc59108ccbe56c91c3bac4d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 255
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 962
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-84293c10-b0be-4696-ac59-694399a38acb' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:217; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e3637bc0-9af7-49a2-a820-0c900ee8389a; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:e3637bc0-9af7-49a2-a820-0c900ee8389a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:60; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=CC5A35B1FCB85C274C4045163D1D971D; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306011817341766557257; domain=.wellsfargo.com; path=/; expires=30 May 2033 01:17:34 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!pAf7TZLBaJPYCk8MntjHYqEj2JIOPCJ2a75FEW1kcEd8L/blWKXd2VDRwinvYkAg5cr6BwklMhrHnFs=; path=/; Httponly; Secure
DCID=JAwfy7RJZC8Goadsy5oMhF6rI%2fCOkjlIG1Zmq6cvKYqK5PRIvJS3yeENj1dcWd2T; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
_abck=415FA947DE928E371F2AE71D58553825~-1~YAAQlNAXAqd1bHaIAQAAeG6ueQknMn1SnPhepHqUffm5CbzrF3B8vBWLrhRgez2MGuj/GvVWPWs0vp+WQwVBcmVsyBJq/+vp7YwxAvf+R4GymGIMSOVdT84rABd/jAQxpVs7KzSczEhT8dbwaZ5ysGyJYR19A7IkX1qJsFUy4LT9Zo8J7iTuQeprQMkTpIN2YACsAqWKGy7WcAyLZNV2dM+JmHcbF4meOu61zCGxi8pMtv5pi/BEHBb/phLqKw4aIJNsq9o088EhbytUOV9/ihH9BxM4xy5Gxgi6SQ3Z2ORQHJwNVerAzKUOcRlYgygjgaV6BJdALwbfM11g/fASoL4AeN0Ft+b1YFSVgwejhXy9TisA+pM0hUSNJWYkihgw~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Max-Age=31536000; Secure
bm_sz=14B494A07F61DB80D2C88265BF915D81~YAAQlNAXAqh1bHaIAQAAeG6ueRPaHI5gjj7sF9Zm8CVCYHggY3IR2bL+zO7B/VKgbZqHDnk/cwsZhWGqlk3IrpzHqvE5nGA2wYi2rvnnOeY/dIr63Y887/V/qezV9ZdAfJepkBSoHooucYxcIYvVtZRH9TZdSgUBVz4abludRtYUUaok7T2+zjVsKv/VB1Pn778ET50ESINXIX1x1kaW6Jiva0CJPkmBRqAYWJqfPoFOXxO/aiVRObTipxkMca1DBKTxk0fh3CgmPGVq1I7hjcnSPv6m9v0rsShzuPRen6lbST6MZRck~3359285~3159105; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:34 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28456
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=1&cfg&pv=2&aid=
95.101.10.203200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=1&cfg&pv=2&aid=
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 2c38ffeb10bdd50f23390686c4d0f43c
235ad7ad05755598baa4ff40bbbb272091db84ee
f1ac4cb8bd603217478aca9aa39c9605621ce63a13819f028ac0456afd94fc33
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2802
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1145
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!HEnST1cFNe47AxTpnNE5eVRfS7HzY4bqWk5myen+Bp0FQiGB/KuFLBvCKT7qSGCT+WKX+9UqT6BMWQ==; path=/; Httponly; Secure
DCID=HC3shTMOzU2S6N2YY2xETi6W33h+YeuRO54fyHx6LQX8HHrCvFed1lti4QS5BYc1; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 945 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2363), with no line terminators
Hash d0b75b627006b10ec100cea84449ed86
0de6432a6c0d13866f3f165a21e0f39abee9ded8
f1bdef5e415d0d778b6093418023da1b22473ad3d24d52f032fde866097f3ae5
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 945
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-d4ec151d-80e5-481f-98f5-fbf3b405c0fd' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:217; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:94d4c2ae-484b-4983-afdc-d2275daae410; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:94d4c2ae-484b-4983-afdc-d2275daae410|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:66; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=E8A31D0FA4C1BA4D0B0A59EE12829E39; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306011817341037550189; domain=.wellsfargo.com; path=/; expires=30 May 2033 01:17:34 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!8y2tjcbq+NiTJpfz2xKqB3cO2dndHkl06fs0zrnTVYknwPSSYSYpR1lM1ZsvAxoOPkl0i2hgudCoiOc=; path=/; Httponly; Secure
DCID=dqWZd5UY3BUqmqjkae8TzjEKMUj+PdMNGnSw41eMMS39ZvmYKlmOHs%2fBKkBM3MKd; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
_abck=34A02CB46801143F1317D100E2AE22C7~-1~YAAQjtAXAtTVd22IAQAA+26ueQn6FHqhVkcPjJMuH7Os0ye9XoLSQ2hWTd2RWMUiZIQ/wbIHFWqoOTrze+4Vlv2cTJ1pgEMWLRB6qEK52HOIgVeLtSRG8cBOgAxnOzxbt9TVAOVGbms+P4sj/ifMKzWlc6JXSM3cgMuFf+WaWInAYSXAUynP8PnQnFH/Vm2whWXPmLC7GzfUjDL70n1Lqi7wcNoLuMeWvT31z8U6reSYL+a6FROFBzIwy1kRZuCJZU/MGeAALCcDFWSX6PbNJRuzjFUWvBbcuSRRuL1kT/iI9PyA32RM/M6hQoO4nlMhejj4zx6FzcxzTETwfzqkQJ5f+gLaPGhxeMJ5fMI53SY5bcZQI0n5mk72swPpp9Tn~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Max-Age=31536000; Secure
bm_sz=35CA6886FE58998B8C79565C282A26ED~YAAQjtAXAtXVd22IAQAA+26ueRP/1tVykcBW1wVP9aI3ingsA63Y6N8RL7wZva5NoDER+VGBPhgGWLjrWv1g3cDXJj/pgIBzPD9JcxZRkrk+BXR/vu5/URVnbwlglSAp9ga2kUdMniVci1/jm+hqAR9UKQ45a1tTF80UGbslstfJ8+ywtqRm8vD8NzsQNcXbF4EWjwlloTD986L6ZxVpfippwO50ZJ/v1fHth+QhMr+Eyh/AuczXXQR4GWWKqakm3glejtcW/gxWoD4XOh5SO+jIqyrRYHuUAzmEsNwhdXsTxG+BzSUc~3359285~3159105; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:34 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12446-50719
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 972 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2438), with no line terminators
Hash 9d30bc5d26d646f1306f679dfd8a2cd2
16846fde96ce8a283117d878f817503f0f2ba6af
128b7a01b32bc2bc82255edcdf2a8e08eb0e44bb192f3b33836fc3b41d6d292d
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:34 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 972
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-ef7c8f6c-c055-48be-9fb5-5e20b5483fe1' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:217; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:77501f07-b8dd-4148-aa0a-190dabb3ff32; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:77501f07-b8dd-4148-aa0a-190dabb3ff32|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:16; Expires=Fri, 02 Jun 2023 01:18:04 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=3CC68103714D9BA49A6616EFA42B5F4A; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230601181734586565784; domain=.wellsfargo.com; path=/; expires=30 May 2033 01:17:34 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!Xh+rmTuRG1O45gUGl7IZxfIs0wroUfRp8IHRPCnlg4CSp3XJM5aPy5mFJhbATe2eVBggo/sQeOP1jh8=; path=/; Httponly; Secure
DCID=a74THulvIbxu%2fhcMmK3PRH0upePNfGW+wFchDaO%2fK8E%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
_abck=DCC7C0F8E2BC3AE618F28877074F5F48~-1~YAAQlNAXAql1bHaIAQAA9G6ueQn3OYOndhjqFaFLwMqj3nefbf8PaSiAL0f8eHKUM3KvbEYF7vRc+dl0ctrwAsuRjRnHti4edtEbgsQb5sIRFH8pkBqEBS20DFlKOVMtAyd4HHDzR2mf0Hvly+PD00O61h522A3lSKnFgPnQkXG80Li74+lPLnQfGEV4g7KMiZStz7/rH5ZX2s29Ic+zLxowbynun2r932IaAcGxEiv1UNKKcMCYMCX7kuMtmPB+sybVZ9n9Ff66vyUdl7a97auUUD9a4YhO+eWwe0O6xCXWzoDlduD7PCgEP+NgdMq4x50JK/hRZUgq1KSYk/0Frr5mRF8R5R23WIu0BjNeJlMJfl8Zk+XhkTHNAD9ODdAj~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:34 GMT; Max-Age=31536000; Secure
bm_sz=71067CA63A3EF80A4411CB28B6E7A541~YAAQlNAXAqp1bHaIAQAA9G6ueROaOUN/KndDrS2OGMWo0/kotdRUHBhx7z9bUFCqNo1AolIQJcb7XE6LuWStPO+SVj7byaFpPH1lmfSPzItP4ZMnAe7tjUi1TAQghW0LtNib6PJQtXYTabnOk/W7vSTmll9epxyEewtLHWl2srhiNQlMS0VydtmaqoNgwXv6cOrikiBrMttMNuDhUYCD0lQ1aXm9LXPSTWX52ZFwIJFcyAjabE/6Cr0nLpnDinWVXCMJ95IN2o6j+311PSygpilhOPw7OcCpj5PqIciRbb50rz6U8W1m~3359285~3159105; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:34 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28459
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.4154079032412331
23.36.79.34200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.4154079032412331
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 13057c88558acd97d920f5fb18513122
ea808c7215c4bc8747f7a8bf53902a3f8e22a8a4
55c1f77db950cea99a1b374ce85f4d15e225fab77d9c3cea6f79f5a45b6c9acc
GET /PIDO/pic.js?r=0.4154079032412331 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52526
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=umTGtpQTS5lfX5SLE7usyC+FyvqB6S9kwEI9mkiKejo%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653603&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653603&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F&cb=1685668653603&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-242364-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; ADRUM_BTa=R:27|g:14cbfc48-a97c-4c32-a66a-dfdf79a9261a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:217; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:35 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Thu, 01 Jun 2023 01:17:34 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=10Y1zQZMwTm2ETtM4kIaE8WHLe1+9pWim3G13Gl%2fsCWoLLkhh+A6IJ09WdmeO2uR; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432e_kf173_12562-28454
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBKc1FPV2lTK2NYelBuOGVZQ096d09UTmRRMDBzeGNyMk5PaW94TXI5S2l5RDduR1JZRXprcFovS2lPdEFMUkRZUmN3bU9aUzZNWldxWlQ5c09NTnpGMTRKOGR2eHN3ZEc4RHA0WlFGc1JSdzZIbC8ydlVydE5yd2tVZVpRYVhpQVdocWptS213ODdSUXY1ZlUwRGtVYUVZOUhWZlUvZEtpS3JxeUxZWktVWHBmckI4eFhFOEl2WEpieXR2blRlcldNUWI0MFluVWNtK2dJK09VOUJWb1B1WkYrcFh3bUMzaXJLQ3JpT0RMZHl4cjRURGJ5WDYwcy8wWDFPMjREL0RoYjdKaTNVdHgwK0RCZkVNOG13bVVkQkN0VlRDQ1JGblc1N0RmWWJzPXwxMDVhNTIxOWM4NzFhMjBkMDMxOGMwYjE3ZmRjMzYxNjk0MTU1ZDA1ZGRkYmRiNGE4Y2YzOWI3N2Y3Y2ZjZDU1MWM3NGJjNzIxYjZiMTc4MTFmNjZmYTUxOGNlMTAwZmM1MTA3NmIxMzFmYTM5OGEzZWI3OGU2ZGU5NjU4ZDI4ODQ0NmVjZDdjNDY1ZjU0ODg1NDY1Y2VkOTNlZmE4YzkyZTE1MTY2NDJhMjRiOWVhNGZiYzJmODJlMmZiNDNlYmQ1NGI2NDAxMTg2MzY1ZTJiZDAxZjBmMTA2NjhjYWVkNWUxMTMwMDU3YWRmNDA3OGI2N2Q3ZWQ1ZGFkMzY1ZDQ2ZmYyMTI3NDIyNDk3MDViMmI2MzA4MTc5ZjNhZTJlNzY4ZDk1YzVlZDc3YzcwNTFiYmZmYmIxZDZmZTNiOGYxYjE3NzZhMWU3NGI3NzcwZTc5NzA1ZmQ5YjRlMjU5NDQyYTllYTc2NWMwY2NlZGNmZmNlOTJjMTNmNDMyMGU0ZTg0NmFlOTg4YzE2MTU3NWE1OWJkZWIzZTFiNWYxNDRmZGRhMDhhZmY3OGJmZTU1YzIzYTExMjY5MjI5YWI1NDEwM2FkNDAyMTA3NDVkNzUyNmUyNGRhZDUyZmY4ODkyYWE2OTdmN2E5NjA4YzU5YWU5MWI5MWFiYzVkNDBlYmVjZHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com&t=jsonp&c=ps_dkfvexgaloent&eu=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F
23.36.79.24200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBKc1FPV2lTK2NYelBuOGVZQ096d09UTmRRMDBzeGNyMk5PaW94TXI5S2l5RDduR1JZRXprcFovS2lPdEFMUkRZUmN3bU9aUzZNWldxWlQ5c09NTnpGMTRKOGR2eHN3ZEc4RHA0WlFGc1JSdzZIbC8ydlVydE5yd2tVZVpRYVhpQVdocWptS213ODdSUXY1ZlUwRGtVYUVZOUhWZlUvZEtpS3JxeUxZWktVWHBmckI4eFhFOEl2WEpieXR2blRlcldNUWI0MFluVWNtK2dJK09VOUJWb1B1WkYrcFh3bUMzaXJLQ3JpT0RMZHl4cjRURGJ5WDYwcy8wWDFPMjREL0RoYjdKaTNVdHgwK0RCZkVNOG13bVVkQkN0VlRDQ1JGblc1N0RmWWJzPXwxMDVhNTIxOWM4NzFhMjBkMDMxOGMwYjE3ZmRjMzYxNjk0MTU1ZDA1ZGRkYmRiNGE4Y2YzOWI3N2Y3Y2ZjZDU1MWM3NGJjNzIxYjZiMTc4MTFmNjZmYTUxOGNlMTAwZmM1MTA3NmIxMzFmYTM5OGEzZWI3OGU2ZGU5NjU4ZDI4ODQ0NmVjZDdjNDY1ZjU0ODg1NDY1Y2VkOTNlZmE4YzkyZTE1MTY2NDJhMjRiOWVhNGZiYzJmODJlMmZiNDNlYmQ1NGI2NDAxMTg2MzY1ZTJiZDAxZjBmMTA2NjhjYWVkNWUxMTMwMDU3YWRmNDA3OGI2N2Q3ZWQ1ZGFkMzY1ZDQ2ZmYyMTI3NDIyNDk3MDViMmI2MzA4MTc5ZjNhZTJlNzY4ZDk1YzVlZDc3YzcwNTFiYmZmYmIxZDZmZTNiOGYxYjE3NzZhMWU3NGI3NzcwZTc5NzA1ZmQ5YjRlMjU5NDQyYTllYTc2NWMwY2NlZGNmZmNlOTJjMTNmNDMyMGU0ZTg0NmFlOTg4YzE2MTU3NWE1OWJkZWIzZTFiNWYxNDRmZGRhMDhhZmY3OGJmZTU1YzIzYTExMjY5MjI5YWI1NDEwM2FkNDAyMTA3NDVkNzUyNmUyNGRhZDUyZmY4ODkyYWE2OTdmN2E5NjA4YzU5YWU5MWI5MWFiYzVkNDBlYmVjZHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com&t=jsonp&c=ps_dkfvexgaloent&eu=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5ac39f10f64b2919f88e7d12be9d3aed
039116343569ea7ffc3695d7fb53b91ca30e804d
3db52bb450f98562a9c0d1c808bae018f3d77eff5000c2f2c66de68b5d850b8c
GET /AIDO/vyHb?d=ZW5jZEBKc1FPV2lTK2NYelBuOGVZQ096d09UTmRRMDBzeGNyMk5PaW94TXI5S2l5RDduR1JZRXprcFovS2lPdEFMUkRZUmN3bU9aUzZNWldxWlQ5c09NTnpGMTRKOGR2eHN3ZEc4RHA0WlFGc1JSdzZIbC8ydlVydE5yd2tVZVpRYVhpQVdocWptS213ODdSUXY1ZlUwRGtVYUVZOUhWZlUvZEtpS3JxeUxZWktVWHBmckI4eFhFOEl2WEpieXR2blRlcldNUWI0MFluVWNtK2dJK09VOUJWb1B1WkYrcFh3bUMzaXJLQ3JpT0RMZHl4cjRURGJ5WDYwcy8wWDFPMjREL0RoYjdKaTNVdHgwK0RCZkVNOG13bVVkQkN0VlRDQ1JGblc1N0RmWWJzPXwxMDVhNTIxOWM4NzFhMjBkMDMxOGMwYjE3ZmRjMzYxNjk0MTU1ZDA1ZGRkYmRiNGE4Y2YzOWI3N2Y3Y2ZjZDU1MWM3NGJjNzIxYjZiMTc4MTFmNjZmYTUxOGNlMTAwZmM1MTA3NmIxMzFmYTM5OGEzZWI3OGU2ZGU5NjU4ZDI4ODQ0NmVjZDdjNDY1ZjU0ODg1NDY1Y2VkOTNlZmE4YzkyZTE1MTY2NDJhMjRiOWVhNGZiYzJmODJlMmZiNDNlYmQ1NGI2NDAxMTg2MzY1ZTJiZDAxZjBmMTA2NjhjYWVkNWUxMTMwMDU3YWRmNDA3OGI2N2Q3ZWQ1ZGFkMzY1ZDQ2ZmYyMTI3NDIyNDk3MDViMmI2MzA4MTc5ZjNhZTJlNzY4ZDk1YzVlZDc3YzcwNTFiYmZmYmIxZDZmZTNiOGYxYjE3NzZhMWU3NGI3NzcwZTc5NzA1ZmQ5YjRlMjU5NDQyYTllYTc2NWMwY2NlZGNmZmNlOTJjMTNmNDMyMGU0ZTg0NmFlOTg4YzE2MTU3NWE1OWJkZWIzZTFiNWYxNDRmZGRhMDhhZmY3OGJmZTU1YzIzYTExMjY5MjI5YWI1NDEwM2FkNDAyMTA3NDVkNzUyNmUyNGRhZDUyZmY4ODkyYWE2OTdmN2E5NjA4YzU5YWU5MWI5MWFiYzVkNDBlYmVjZHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com&t=jsonp&c=ps_dkfvexgaloent&eu=https%3A%2F%2Fwww--wellsfargo--com--vt49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:17:35 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=xRqqJ1h6pVuXjgi1wcBRICQVhdmjtbf0iCwYbGZ1vLRCDeV+N%2f9adz9tYKunvZmp; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
_abck=7B093A3B4366CCFD55C000EA40EC91CC~-1~YAAQFE8kF5mmzm+IAQAA2W+ueQlJ49FP4EWR1kFYizOV9QIiAx4cwKCZbbEvAd2QnA3EC35cYx7L16yRgwrjA9z4UpPsdA+jK8J+oEW1do5W33JXFxF5vp/zZ/jRRhb6VNVycnhdHwr8ixT9F2Sc4eJ11fK/qtHakevxwFs4dpXmr1rrRoEFRyEgzEVTvi5xDw3TQDEH/onQQBQwfNmpenuT+d84ZSH2Cr0ynJwW1Fm7aU+MOexV5e9h3ViCVdGlYdt9K1rIdUvCUUO/5VY7c/pJLAlsmrMOu7oCJGd4f0Zf7GjmcgElZTDNdDzJNRQnT6099re5OLN+HdRj5jHtBsEUdNv6C69J5TWFIVbHNByQBTAIBjt3SY32h8Bz9YQk~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:35 GMT; Max-Age=31536000; Secure
bm_sz=0BD6CBF04CA81173A4A9E80C22EBC7EF~YAAQFE8kF5qmzm+IAQAA2W+ueRMW1roaz+Av8yYbL/DmDNIHPBVrMuIi51cCxTtEzz1FLr38T9SGwTNkIMP6B6SJOkGjssjz9uusFGMCQsajpKTpc7rFCZZLKdsbdl0FzChfARdnK4C+g+ZuQi7JWbCRL0TBw4nxPlPITtj5XG7lDJgpkC/Y0sIMpe0O1m6in+TbSEaZ573xLmuNw9KNX+veSu2D2B43o2k6hNa044HCCDwEqe+HijlSK8X+tnp3+/WtI0wQbIm5pIf7nrX/EIVPIgTeBJDkR3+yEszHMlZYx97J+0xK~4273986~4403504; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:34 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
23.36.79.24200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.24:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash b9f4b3c3f422dc1a068af6190f6c7024
cd3b66640dbd3b4e214245102fe09cb601217ded
e0a51e288532758d2e814d561dcf8e5c5b0da313ac7a30d782b8e790b78ec399
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 18025
Date: Fri, 02 Jun 2023 01:17:35 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:666d6fa5-aaae-432a-97d8-c0939a8b53a6; Expires=Fri, 02 Jun 2023 01:18:05 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:666d6fa5-aaae-432a-97d8-c0939a8b53a6|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 02 Jun 2023 01:18:05 GMT; Path=/; Secure
SameSite=None; Expires=Fri, 02 Jun 2023 01:18:05 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Fri, 02 Jun 2023 01:18:05 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:3; Expires=Fri, 02 Jun 2023 01:18:05 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=+Rnq3HAPykeezCBT6rlzZDooEvisTmXj1GVl3S5oTvO64I4hbk8GH+0XQR91kS9e; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:34 GMT;Httponly; Secure
_abck=E011107F91591A0165C0BB52AB187E15~-1~YAAQFE8kF6Kmzm+IAQAArHCueQntdbW4pfxOsMHh+1UFVq/+g+7btNYHKq6QNz+YZ3CgdfWb+8wuo+1pAZBImfpfSWsAE4JiP++nBt8bhMsNtJEYm/1EVhCePQPPPrKzpSod8Huba/GnK/VuGqX2rite5nhGND+ipjOZjX5rOkhEX9xLAnHYeIkqMFcvdf2OsADDrVl31fynF5uqeyuWWE/qBe2B/hWIJz7mSTPUbl+lzxnQkxB5/drxUVD+M3wPS2SPwMnp53iFQL0uvD7fKKm4VQLYFh0XQl4L/LDYschBjHzhqm0kyIYXQV5rY3LcWrvtyKNUTgOhFzrDc5zC4WLL7xGoHgpeHY5dVPjc5zGuj66GUBgaQgVAoP50KqW8~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:35 GMT; Max-Age=31536000; Secure
bm_sz=72BCD0DD71C12752D3A57AF52C0EA061~YAAQFE8kF6Omzm+IAQAArHCueRO/RW8d/5kCG9zicw+U8/83p2gYIovVASfMzsAiaY+wRBnr2qS48rMOjh4v93u8UEI4GOudgf+zdOPSzYzAa2Y2RxwNNY7WqC8FNjdqc6B2Oz2eeDGCSCs5rQJXgk8MIYirGZb+AHT57SHDRpclhKUhIDyB3PFHj1w4N2Q/si4rtHTXUaRTkNXI3jPsAhzYYG6HjK/vKcto/mrleyfAF0DAqy6x5MlOuwyPDRfDesUFm3ngIwHuEkT5w+Dzq52l16ZHWYBxSUCIShHzAFFME9vwFBjr~4273986~4403504; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:34 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 1af6fb063c0775f1a6f53fa9a6f76b2b
d324ebf8bbe4a038486d15f93c6337dff65162f1
3fdce549802e812471719067788abe716f11c13e0253c68021717cc525f0d0a0
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2046
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0; _gcl_au=1.1.1312990620.1685668654; _ga=GA1.2.1006224363.1685668654; _gid=GA1.2.230196910.1685668654; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiRndyZ0x4dVlWM2hQMGgybnJHWjRsZz09IiwiZSI6IkRWd25nK2ZnUkRvVGlFUWNDWkpCeFRrK0l4QWw3OGFlNWpva1pRRHNhWHQ0bzkxSFJkWmUzclpEMlVoQllvVTVTamd0QlowdmJic1VkU1crS2ptaGRoajNXM2pNdFFwNUVLNVhlQUVSVFRuOHlZbVhmWDdlWmlBVE5JWldoUUtHanVLXC8yY0Fla1ZacHpZUUNablFFNUE9PSJ9.53c70ebddc2482dd.YWRhYzY4MDFkODlhZmVhMGRjMzBlYjgyMWFkYmY5ZDQ3OGY3ZTg0MDBjMWVhZmYwZmU1Yzc4YzE3MDBhYjdiYQ%3D%3D; ISD_WCM_COOKIE=!Xh+rmTuRG1O45gUGl7IZxfIs0wroUfRp8IHRPCnlg4CSp3XJM5aPy5mFJhbATe2eVBggo/sQeOP1jh8=; ADRUM_BTa=R:27|g:77501f07-b8dd-4148-aa0a-190dabb3ff32|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:16; ndsid=ndsar0zg7lb2m5nlidvlefy
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=LYLuNG4JYtWnGZx%2f+1GOietJnpq365hnu5EtlHZL7C6h5k7nohy0Oysp+h9j3ML4; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:35 GMT;Httponly; Secure
_abck=E61539AB277BEC45C9FF3F8957FBA82F~-1~YAAQjtAXAvLVd22IAQAANnOueQn+Y9M7F9mhq1yLpfhkeyjqZ+5qsaYHUmfMu5ko8MkldRw0/LDXu9pkFxgXXeNfy8gU13bP04RsHdFDIKuVwJ7CTiPbJPPQhIW8AnBJiy0Tq+sYkpDRhE8i8LXocGA3hZ+MeQiL7vuA2HmMvWAmweyqFiHuOShHjOuk9YRAcWb1lw5VMUlTqq+QtUNqOF9/+uABW3xguDgU56rQTVgJW5yh2MfpEoNjzDnwG0MNRgh+iJLqrk7zWmXJTiXgs/HG0HkV92XW2gDwPJrXr9Zc46/OXYRk0ey1TC07La4WOPtQKU3rlaX8ftmcTE9yI3u3CCpOcoW4aKE5pqY9gU9Ot9JslQbRHeQRR+mvdLqr~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:35 GMT; Max-Age=31536000; Secure
bm_sz=1C195F3E2F1E56530750DD2921ACF9E0~YAAQjtAXAvPVd22IAQAANnOueRNGH8K+p7dyXaOFVnnd4/pYbX7IwPE8uaaKl2QqD25AiMlJNoY2GZusHts7U6pwtEysTovXueTkgpffg5cdkkYJnQCJmrc6c0n/RZY2Q6TcRYq6FwGED2FM3ElUMi5ORv/F0MNRGof1InHkLciZVseiVqw0EKT/x4oONS7MOjhQBjgidgbpRJjGVd3M+rRf9Hwx8zdrVbePSKGo7+Z9nSa9Lx+lKvIEKXEPDmYzDiNAO8Z1SbomDrmqNtu7L/GLw4ipijEi53shG6hHaQRkSSAfqzoz~4602162~3748656; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:35 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6479432f_kf173_12562-28472
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c5b9605550313b0af0909815cbb8034c
6f25d863a6bbcdfed146a2b1a3d111f44845153d
d55718eaa5bda1c4ee2330df20fbccbaf15b23b786c84b6931b314c9cf910c56
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 852
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt%22%2C%22diA%22%3A%22AS9DeWQAAAAAcEhdaz2bjdBUoztD1JHj%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0; _gcl_au=1.1.1312990620.1685668654; _ga=GA1.2.1006224363.1685668654; _gid=GA1.2.230196910.1685668654; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiRndyZ0x4dVlWM2hQMGgybnJHWjRsZz09IiwiZSI6IkRWd25nK2ZnUkRvVGlFUWNDWkpCeFRrK0l4QWw3OGFlNWpva1pRRHNhWHQ0bzkxSFJkWmUzclpEMlVoQllvVTVTamd0QlowdmJic1VkU1crS2ptaGRoajNXM2pNdFFwNUVLNVhlQUVSVFRuOHlZbVhmWDdlWmlBVE5JWldoUUtHanVLXC8yY0Fla1ZacHpZUUNablFFNUE9PSJ9.53c70ebddc2482dd.YWRhYzY4MDFkODlhZmVhMGRjMzBlYjgyMWFkYmY5ZDQ3OGY3ZTg0MDBjMWVhZmYwZmU1Yzc4YzE3MDBhYjdiYQ%3D%3D; ISD_WCM_COOKIE=!Xh+rmTuRG1O45gUGl7IZxfIs0wroUfRp8IHRPCnlg4CSp3XJM5aPy5mFJhbATe2eVBggo/sQeOP1jh8=; ADRUM_BTa=R:27|g:77501f07-b8dd-4148-aa0a-190dabb3ff32|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:16; ndsid=ndsar0zg7lb2m5nlidvlefy; _imp_di_pc_=AS9DeWQAAAAAcEhdaz2bjdBUoztD1JHj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:36 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=hrWMm66DBAMgGOeUcuaQmyQn0g2UCYb3aaDZMPeU+L0%3d; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:36 GMT;Httponly; Secure
_abck=2C5FEA6C10BBA1B6BBBB8E69BB51C52F~-1~YAAQjtAXAvrVd22IAQAAQXWueQlUn172Jwncz/fNMRV5tsR4C6lvBYWwrt+BpZQD4SGllT6ZL1tgt6OfYWNgYBYlZ6kOihq2VkcJ2aL4/USPWAzvJFff1Aw+XOinJQ9OoWXZX16A4g6/GXwJCFPXXUK4frO0H7ReeJ5pdWdaRmY2STXp87qUH0AMxU8a9aq8EIS4wY0QYYwv44sHrLxTpW6QP0NEA1qob/IhQt+4FM52navc+Pz5KlV72+FWTeustBIACQ1QMWdZERsLsf3JiULNsTrgOvl/EQ+fNz6PmngamuYaq6SrYD8Jz6mKa/gBlTRfuPM3N9NHgxQxWE9DRqC95BhaNK9pyLRdvZJlpOjKmTyCeI4U1ucnE1hL4EtK~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:36 GMT; Max-Age=31536000; Secure
bm_sz=8D2FEF4E57F99AE468E3CC13CDF0C760~YAAQjtAXAvvVd22IAQAAQXWueRPmn4Od2mDzzMAatwl/0+m01sqJSSEOouYXIo7Rr4k8Bdr9D0ksMUQ9q/WUsGXHMbPN9xcAu9sGdda0IA/u4QTx60eznWMUbRQY1q7M1DdM7LbLF0c6qRWmTceRrhz4bpaSgsAmDTsaJRbDBKyE9cuegF2zwwRV1zd6oQxTP7hUbHB5l9gQBkfG8bZ87gFVRpZxeNwxN7M8PgLidlTUzIy8WvgPZUx1Ogg1tDAv2nOmOmLAvIJ5yheDDLTShZHoYhUsWyKeZKV0NcKyYypaN58ovTAX~4273968~3748153; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:36 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64794330_kf173_12562-28479
www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--vt49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--vt49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!xyHt0FD2EHAl3tJnfhFjdbQk89YdzvSwR0Xf8jM1iDolxE9CHP/62hBNzdsSJUm+OXuUB7IQdtBFLhw=; utag_main=v_id:018879ae628f0013895d606193c105046003700900918$_sn:1$_se:2$_ss:0$_st:1685670453382$ses_id:1685668651663%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DQUzSbBZtxbF8CmqlXvinNFDG9eb%2FB7n3DMa0iWBrdE%3D%22%2C%22c%22%3A%22UFNMbWRqZXRQeXh6SlFYNw%3D%3DmR5QZMHWzQRvZfG-8nucOBYuAwGdm9U5Ccuy6-BK5_p6ZQCvg-n9JXOXTIMhXOzKabMOh_6oTvsMooVcnDImlYldp-DWe9gpAag%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtOYaFt7SrPGiL6xXsKmX7%2B%22%2C%22diA%22%3A%22AS9DeWQAAAAAcEhdaz2bjdBUoztD1JHj%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%22IZuPMIvTjFmBy-UI5s0zqQ%3D%3D2dRJeE0LND8ICd2CC-cvIn_OzwZlcyQi_xga8skxwXY9JOIzYF4jkS9KVXz9t6QfQ81gJn_ykh9tp7tEi4OvxMQ46uZgvRfWrTL4ZgXdMHc7mkX33LR0Q2DVj-wOvvQaYKee0txw6fmraaYEKw1CKm5F3amreTXg1Mgbwdlx1P0ZgKmdwDbWQz34%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAveY4hKn13gC9Uk%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C25338942415583553513553983034147884765%7CMCOPTOUT-1685675853s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0; _gcl_au=1.1.1312990620.1685668654; _ga=GA1.2.1006224363.1685668654; _gid=GA1.2.230196910.1685668654; _gat_gtag_UA_107148943_1=1; LSESSIONID=eyJpIjoiRndyZ0x4dVlWM2hQMGgybnJHWjRsZz09IiwiZSI6IkRWd25nK2ZnUkRvVGlFUWNDWkpCeFRrK0l4QWw3OGFlNWpva1pRRHNhWHQ0bzkxSFJkWmUzclpEMlVoQllvVTVTamd0QlowdmJic1VkU1crS2ptaGRoajNXM2pNdFFwNUVLNVhlQUVSVFRuOHlZbVhmWDdlWmlBVE5JWldoUUtHanVLXC8yY0Fla1ZacHpZUUNablFFNUE9PSJ9.53c70ebddc2482dd.YWRhYzY4MDFkODlhZmVhMGRjMzBlYjgyMWFkYmY5ZDQ3OGY3ZTg0MDBjMWVhZmYwZmU1Yzc4YzE3MDBhYjdiYQ%3D%3D; ISD_WCM_COOKIE=!Xh+rmTuRG1O45gUGl7IZxfIs0wroUfRp8IHRPCnlg4CSp3XJM5aPy5mFJhbATe2eVBggo/sQeOP1jh8=; ADRUM_BTa=R:27|g:77501f07-b8dd-4148-aa0a-190dabb3ff32|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:16; ndsid=ndsar0zg7lb2m5nlidvlefy; _imp_di_pc_=AS9DeWQAAAAAcEhdaz2bjdBUoztD1JHj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:17:43 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=CTdbKv1e%2fmS3OLI6r6l3PeGEYbYL8H4sMQ648vH%2fSoJ1%2fOJa6ZRmG6i9CXjLVm18; Domain=www.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:43 GMT;Httponly; Secure
_abck=69BEC8705AF4A0751E3CF6E771B21D3C~-1~YAAQjtAXAtjWd22IAQAAjZCueQlCp7d2xw//5BI5UetboJHxtPhUvOupaiA0L3bAqneyfwc7wXrCrfD5vFca8WpHey7qLas9sh+fo/2+guGxt9HuvEw7Ll3xRYVIxgGVPzaTccYChr0YiFkfq/MmB3DCAYodQDKVAWT42RcME3T5GqwJ7bhjBMnb/ncTta6cpQap6R4zlnr6ORyidAsAnOUxWWxeWSYtWHma4X+hAeY0tGBQRVB8ifVxJ3z3NAyRzs7PYXOMepYBgf71po94Gv/iO/+8fRjG67alqkgPa9hyVez5mD/M6TK3rfYwAdwcw2Rb+fsT2FxT9bqOMEQ+8hopeMbBThBs81s5+czFQUaJja2vn370MqyZlAKuaobL~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 01 Jun 2024 01:17:43 GMT; Max-Age=31536000; Secure
bm_sz=7152487DD6CB16CC8CCDA4E9A4EE83C2~YAAQjtAXAtnWd22IAQAAjZCueROifKpLv7ykkIGf2x681tKJkqzlDayc3qhuZSURBV+k3ajVF+rbHSVrQKrRQw1lFh7nzYEq28wqGP/tpNB3GtPhqAfATWtltIM0RJiS+w4NxQ07wa4dHG+oM/lfuZmCbr64ZjCdeOJvBzXp5mDjMRSLEWHD03GmhA31ZSX+DfpN4AG+nanc+ZKxcr9KnB21IG7OjM08blMeTyOAQTvLibW8G8O/8WCAzu+6rrpi62i8kY50NwkF0kFO6XgOKA3ywX1Hk5pVnroK6+uk7rNJNmqEJOY7~3551541~3159600; Domain=.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 05:17:43 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 64794337_kf173_12562-28600
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=2&cfg=32a3f9ce&pv=2&aid=
95.101.10.203200 OK 165 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=2&cfg=32a3f9ce&pv=2&aid=
IP 95.101.10.203:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 40fbae7827132d72ca9260f1dca25cfb
9af5b5e489750bbbef3f0dc55225e323a3db4ba8
41d6ddc4be4a97e108635a1d0ca9885170b44220c0f2094eda6799c27b2f8601
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34055
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 165
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 01:17:44 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!lf7oMw+SBiQeM9d54TfMmyz5FQ342b8SmmsvPr1kRXy0gTwVbW8pQnHCdJRPiL1Baobi8hI0ey2f2kM=; path=/; Httponly; Secure
DCID=1QwFeX9ddYDWGKpGtq0PNfa4Iky1P4Pa9WJqqerq3N8%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:44 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=3&cfg=32a3f9ce&pv=2&aid=
95.101.10.203 165 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 40fbae7827132d72ca9260f1dca25cfb
9af5b5e489750bbbef3f0dc55225e323a3db4ba8
41d6ddc4be4a97e108635a1d0ca9885170b44220c0f2094eda6799c27b2f8601
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0&_cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36&pid=fe9cf04c-3234-4304-9ea6-ee935dcbbeb6&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50629
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=543c69f0-11ab-4f34-bb17-ef160f82c3b8:0; _cls_v=8370d5e9-5950-4ab6-a16b-0e23b6110f36
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 165
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Fri, 02 Jun 2023 01:17:45 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!EAzRwVfWwa8Ttfp54TfMmyz5FQ342aOiajs6hepkRZUoFyzdV50iazeI+TXKaTmvMcFqx+JgdI8Ptfk=; path=/; Httponly; Secure
DCID=%2fEqtgT+AfFDa4Bno56DPL+DgEri8xnLihnJIhrIA7gg%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:45 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
34.212.93.65200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 34.212.93.65:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:17:36 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
23.36.79.34200 OK 1.1 MB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 1.1 MB (1107051 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 01:17:33 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=UWsPZmI8A9HSxnFGjiROd2TDNcZQrOmJPhnlk5YRGhU+paJc8ki0IsTJqxfh4WZP; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
34.212.93.65200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 34.212.93.65:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11116
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:17:36 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:3888b6fb-1bcd-4976-b178-d65c28276dad; Path=/; Expires=Fri, 02-Jun-2023 01:18:06 GMT; Max-Age=30
ADRUM_BTa=R:55|g:3888b6fb-1bcd-4976-b178-d65c28276dad|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Fri, 02-Jun-2023 01:18:06 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Fri, 02-Jun-2023 01:18:06 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Fri, 02-Jun-2023 01:18:06 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:3; Path=/; Expires=Fri, 02-Jun-2023 01:18:06 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 5
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
34.212.93.65200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
IP 34.212.93.65:443
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:17:36 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
23.36.79.34200 OK 648 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 648 kB (647689 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--vt49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Fri, 02 Jun 2023 01:17:34 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=zC5yA4Nb9YQ83U%2ff4z4TzJFSUv+SNrJF30ewLRZ6kgVQYCc%2flI+7aCGjPrVkK7f5; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 02 Jun 2023 01:32:33 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains