www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
163.171.132.220200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash 5f462295197f6c2537615c2a572d7a07
b6ad2b0cf6597c8ac5035b6eec7752fd2ed47203
2c8c9490d85becbf251050226cc8869e274ac1e7f07b3716347c540e274b2469
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:25 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18838
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-cff89d4f-f651-49ee-8235-c2c49c86b06c' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18775 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2; Expires=Mon, 05 Jun 2023 12:55:55 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:55:55 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:55:55 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Mon, 05 Jun 2023 12:55:55 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:74; Expires=Mon, 05 Jun 2023 12:55:55 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306050555251513220032; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:55:25 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; path=/; Httponly; Secure
DCID=T4oPdK+6SQ8onF6OlOxyUlPPJiQFJDfSgo1AGz+jjnYN99E6FD16X9FQYdGVBZua; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:25 GMT;Httponly; Secure
_abck=20E4B9092D13785CA097715475793C53~-1~YAAQjtAXAi0y7YqIAQAAaWmgiwqijvUYs5q/ae+DhJ6HDOgJfSx+Cx0RZpY5bO9zmfDbkTmJ7UyDXeKfjpNgFbYS6u2aTc5u1hGKrN2LKkybZUS9JLvRB1ZQSYERDfI/xlpwmeGkjLwHM4RZQqgPE5xwUsMij+60l0jVcs/c+YR5F3wQTY7lDC38cbH2BpYlmL0oStarSWPatRf6sD4K1jUPepUxeErDumxDcnlmhlOYmzD/JxNSjZPGEUWEJZi0rFmgM2CfuN2gXE+rzUYbFS+btFJhg0OLB/cqbeLttvSshiXHuSjcqjgfwfardOQalCPwl1F34VNRQu0GeK0WFv6RfLh4aaTgcLze1HuwoMCqF2pKDNatxSTOIHsfMdNt~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:25 GMT; Max-Age=31536000; Secure
bm_sz=77B5A755CA9AF255932D66CB179BB8B8~YAAQjtAXAi4y7YqIAQAAaWmgixQESRmwdBDWhd8EeUHNPvgypzDIJL2jWeyMbTZcSlKGsPP3VYa7zGsEPbk3L9Lwm/396y+NL/RS5ukhfYf3Ha8GfZ/FrF95Vwpq4/A7YHeHUmG6fJZoCgCGJyVFbaLuGCvzEpPtkne17RWPt0IyOCAeAxxVQmkMszNgZ7mrSuU49CDxepf4zaTD5mFAOJoLTolJgYxtchoLHuFq7iAVRAK0JOXuPE9WNE4N3oJSL8Wnx6clS2bNGFLIOTrZAWp+XC7AT2AK/sREj5WrCaEMiTI1Eouh~3490869~3289904; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:25 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3d_kf175_11844-5823
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
23.36.79.26200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Mon, 05 Jun 2023 12:55:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=eWPvMYjfx2+tCJeTUZ9P0g%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=909194
expires: Fri, 16 Jun 2023 01:28:40 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=909172
expires: Fri, 16 Jun 2023 01:28:18 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
104.110.27.78200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=909381
expires: Fri, 16 Jun 2023 01:31:47 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
163.171.132.220200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Mon, 05 Jun 2023 03:05:05 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11680-35181
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
163.171.132.220200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Mon, 05 Jun 2023 03:05:05 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11950-45125
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
163.171.132.220200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Mon, 05 Jun 2023 12:37:14 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11820-7975
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Mon, 05 Jun 2023 12:55:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=iM1+AuQ%2fTF8lYmoHGNINOQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
163.171.132.220200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 099e64e08475d8f53faad34d4add199b
0c663c378636bd5fcc1b11c7e6ca757c4ed62e5d
e89f3ab6fe281058bfdb2e78982baae143da2192690645fcc61d49f45322901e
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4280
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 12:55:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=AyNroIuIAQAAit3d4rQRGiMW9_YYXRQaqQYXO3lFIDa71TVabdEVvbDwaK0VAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|a8d0638f1577aa7f0f93cba9631cfb5f05ae014f; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=ARUzt3wMtm7psnq0kC9+Z9WXY943rWnlnZ%2ff+gzVPtglDVx%2fxJEobo2GL0EoWh3I; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:26 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11844-5831
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 76 kB URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 0d61b4e4742d5251c44efcd5d8166a2c
04189d5a539c1cc84fee87994097919000f3434b
c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/javascript
Content-Length: 76203
Connection: keep-alive
Stored-Attribute-Sha-Checksum: c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Last-Modified: Wed, 26 Apr 2023 15:12:26 GMT
ETag: "5b60948dc39561fee36fa77d7eef5047a16cbdb8b05e43f4f2fbc918f19cea08"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=PVl+2j4Dep4RONr+sV5DLQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=4BED35F2C753033A7652C93A25487848~-1~YAAQjtAXAkwy7YqIAQAAZ2ugiwoubrOuxSqQ5AM7JkXyj/UoczWyduCUl+lytKrw6tyCdbtdMG43ScjK2dYQG9agiJy3oj/0pGbq6CS0MU18gZdRTYIZTGumd7JdRQ0cF/K1gTr/PZ8VhTHrmH638WTuBLcbzKoO2w2cvytXUl7H3ak3D1A080J4VtLInw0WwOamz1hfFGzxtw1Oj+78ofGXo1F5aaOd0Z5t/Vyx+rNHFgYZMKhkN5G08rn1AdgtXpXh7zSEPJkOAvhhqjafyRcE4aRvGRXtMVndRyBhqrDqJdDCRpFtcD9Jz7snLgURh1nbMyiUhx9Om7mG3umLC8aa/duwBzdFEMRoSv3DuGvv0TEn4cp41cMQOMekQFwi~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:26 GMT; Max-Age=31536000; Secure
bm_sz=6D03EC0F67D08EC7232B22070095FAD0~YAAQjtAXAk0y7YqIAQAAZ2ugixTL8HBHT3Hugxdz9Kbu7f45peW3DsFJd6YypomubSgdjXqUfPhXc318YiA01V+tRrfeOFV369JedOv1VUWC547lOOVaxRLCDTrnErBh8wfzdvFuzrPiMZ7GXr4dR7T70/C/D9GiiCF7BslTXRmdHM24qhRD/iJYsQdxSYcOQp07boK2snxo2akphpRlPR8Uv3FnDF9zb2yaGdZST5X7YQACSJe1VxqxxoMZvkBd3AyQMJulXovMAc93IVMvbMtTWKN6qNCadB6OabkoMh/D4x5KW8Zx~3749430~3617332; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:26 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11680-35182
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
104.110.27.78200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15517801
expires: Sat, 02 Dec 2023 03:25:27 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15521683
expires: Sat, 02 Dec 2023 04:30:09 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
104.110.27.78200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=15413971
expires: Thu, 30 Nov 2023 22:34:57 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15522565
expires: Sat, 02 Dec 2023 04:44:51 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
104.110.27.78200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=15413975
expires: Thu, 30 Nov 2023 22:35:01 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2369
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=grMpvS31cIU5Y2EXPMsJKA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=grMpvS31cIU5Y2EXPMsJKA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=BB962ADB42C7492947AE292216B8A6F2~-1~YAAQjtAXAl4y7YqIAQAAEG2giwr3kU0zoMmjoQZjwJq+BJQvxeEpetlSKJ8Amadf/U6/qyBQgSGdLmVWQy7rFft3+wXaKUYFyxoYBnY7RwO6T+UKvNhqr2HLnh8TZdsHRaBnwWIiNMw+eqV8sQLc+7Gnvg0REjvKbenQiat5W7gwrRzKRaL58QoZZZfL4ltvvkQWM2vhwdiF8aPDc4BztX1tl3JUbaAM5OazsB0mpDG9oEw69NkAaY35HHTzO2kkTvalC8XIQQ7eC9ryBU+gS8BoJ64A8oK1yqHv8APj/GZ3FMIkJOMzJ6QbzVSC29ptZJBYpROniWuZFguAQrMb8xHcscIQJwYy4Ymq7Ei7a39ivH5jDzGTnonqhh2XACP+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:26 GMT; Max-Age=31536000; Secure
bm_sz=75E9D82D2F5DECCF621FCAD8B0FA236D~YAAQjtAXAl8y7YqIAQAAEG2gixQ7KPswVhkbuVuvWGTSeUHTiQQM4rrGUS42RE4TW0JgUjz8c7UywFEBP8rpcJFhTLO9E0ERk6U15n/dyUvjo91ZwsOrmtlyIlCgjYVH2nyY1A/PA9YXBqWld/jHdWnzsacqdLr93h62vfgOspjpx1cZjpParCdod4D+J1iC4pzLyzdK7zYJFpsgVRLMQju2zKxVUfVlleavLug9eO8C1GlpzRlnwlBLb9u8hk9gaWppzc7Mw5Xd1MjmFzzHC27xl5qI7PwiuStXtzLYtK4w8jzFeoOy~3749430~3617332; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:26 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11680-35188
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/target/offers/conversations
163.171.132.220200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/target/offers/conversations
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10606), with no line terminators
Hash 22fc7f8d8c5523c20cbae7fe4622a68a
657aa6893b19d25b46e0eee8ee91bf5316193ca9
1e2aecd75700ac1517ef4f3419d52ec433f539d8e7181404355635c772887db0
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2101
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-d7685100-af0f-4a24-a11c-b53dcbf5018f' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:74; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e; Expires=Mon, 05 Jun 2023 12:55:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:55:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:55:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Mon, 05 Jun 2023 12:55:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:158; Expires=Mon, 05 Jun 2023 12:55:56 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306050555261976785505; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:55:26 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=F3ECC900E8E9A9A6F840448C6555CA65; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=vZFSon3vTd7eVrfvoch7WJlU4b2W77uWQqWPG9EWqdIonC2UMIU4+%2fefJD6UKJVN; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:26 GMT;Httponly; Secure
_abck=E9B112E9D0C11FDD2D44BB8F9016CD60~-1~YAAQlNAXApvjNHeIAQAAiG2giwoACs1B8LwzQuFx1s2JJzhtpw4d51oR93827X3DqSEBNw9xpWc2TgJANRyfbDwGLIfqD6r7VBL/4F8qrzIUzZoQzSKTBeZJpfYgRQ0kYhi1HpNWXdOzYv4R9yobXeIvEylgl79N6ECDxR5vJaeZsXzb+8qFJbyuWmQhwryeizreG3149mF3oi9c3pcsumOOXWnZkHZuDN/BM/WMbqE4n8HdycR3sdAyvTC+86Z+nm7l/YRw9enZqYLwVZzCCs9ig5QRM7akaNrDzG7OISHUDkCW6B+pOvACkl9WxIl4Ojpvxwt/0VAlhsUD9PzLZMZj1k6bs9g4ddHLY0nWluUfm1/ICrHvJWS6IKlN2TzD~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:26 GMT; Max-Age=31536000; Secure
bm_sz=D2F5986A4C751688625AFC1A14E94AD5~YAAQlNAXApzjNHeIAQAAiG2gixRaFwLCXmdTOjLhNsCiMTl3JGb/CV/hTLqVkI/cJn1w5da7tbQR5I8lBkgnFQF4ligirtNLq/uw3//r1WDriqvUQxkQggiEbChyW/nmarWa8Tq/xV7CwkB3Ucg8JOzmQLIhvmF2sBBJ/AOnqt0VFuAw7LVzLQh203OVyNXcv3jjSE7BTdnJK6i3F8KdJpRsk1kEE5/Rv7NFMQ/8WJKZzYr+v8LSSNe9/Fz+MAKUldOh2e+PpOkXVASs1ZHPHY50XwYk52amKeuPbcd7YTMlRM2wRLww~3749430~3617332; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:26 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11820-7980
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
104.110.27.78200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=909195
expires: Fri, 16 Jun 2023 01:28:41 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
104.110.27.78200 OK 39 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 5d115cb30ce945de0d431748aa0b6073
e1af15a87872a93c56598fe21c82c252a7c82345
8f0441ba6cd327f630ce1653262816ae3fb9abf2db73b70c50be3e66c51dfd8f
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_135975483_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505859-e2ce"
last-modified: Thu, 20 Apr 2023 01:30:34 GMT
server: Akamai Image Manager
content-length: 39415
content-type: image/avif
cache-control: private, no-transform, max-age=909317
expires: Fri, 16 Jun 2023 01:30:43 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg
104.110.27.78200 OK 18 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4d74f6d202bf00523871f6380d9da158
511af47b1ce2a77f5c27cf3addfd80f289bb76ba
8932b18f9d89396f9292d507904d01306b97c8ae75165c93005b04aa7d9853ce
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1305630454_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "635162e8-d177"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 18075
content-type: image/avif
cache-control: private, no-transform, max-age=909373
expires: Fri, 16 Jun 2023 01:31:39 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
104.110.27.78200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=867656
expires: Thu, 15 Jun 2023 13:56:22 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
104.110.27.78200 OK 44 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 9534a04615e76afcd0a4dda5cdf8dd7e
516d3a11907386abf70170a54409523592c068aa
d7579baa6c30dad3cc501d73364183349ac085fcfea7c2af16aaa11532bc5907
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_111661701_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63505837-def7"
last-modified: Thu, 20 Apr 2023 01:40:39 GMT
server: Akamai Image Manager
content-length: 43802
content-type: image/avif
cache-control: private, no-transform, max-age=909956
expires: Fri, 16 Jun 2023 01:41:22 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
163.171.132.220200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 12:55:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=mJtWI5xGMlH1ziZM3ZE2q5TTMS2FlecFEZgMW5IF35WFEnZPhp8QeFsGNLajZpfz; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:26 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11950-45129
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=909241
expires: Fri, 16 Jun 2023 01:29:27 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/hp/utag.js
23.36.79.9200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Mon, 05 Jun 2023 12:55:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=VeVuKnWlyTXLj2hmz7OnKw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=909324
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
104.110.27.78200 OK 2.0 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 54e10b9c13d7d34c19657767d4bab80c
e34a8ab8569f015fcc331eb9eea548cffb7466fd
3059d71b7591fed5674007cbfe04627a88397d42cc58f9a107becb0c269d825b
GET /assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6453c985-8adb"
last-modified: Wed, 17 May 2023 14:04:04 GMT
server: Akamai Image Manager
content-length: 1950
content-type: image/avif
cache-control: private, no-transform, max-age=954720
expires: Fri, 16 Jun 2023 14:07:26 GMT
date: Mon, 05 Jun 2023 12:55:26 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
104.110.27.78200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=909319
expires: Fri, 16 Jun 2023 01:30:46 GMT
date: Mon, 05 Jun 2023 12:55:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
104.110.27.78200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=909507
expires: Fri, 16 Jun 2023 01:33:54 GMT
date: Mon, 05 Jun 2023 12:55:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
104.110.27.78200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=909622
expires: Fri, 16 Jun 2023 01:35:49 GMT
date: Mon, 05 Jun 2023 12:55:27 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEAhiYuIAQAAV8Y5fa6t9q1hjPQcBbwZKjdekXc830fZ5Hkil_gyjUC_lkT5&X-G2Q3kxs3--z=q
163.171.132.220200 OK 150 kB URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AEAhiYuIAQAAV8Y5fa6t9q1hjPQcBbwZKjdekXc830fZ5Hkil_gyjUC_lkT5&X-G2Q3kxs3--z=q
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150245 bytes)
Hash 6949ee601aa1282d3c89577a88daca1b
3d88abbc65884df6150b2d2adebf95665a54e461
3ddb4ced6b543196db3ea2500f54eea84e1b11c67c7544c7e4ae21238289fbc2
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AEAhiYuIAQAAV8Y5fa6t9q1hjPQcBbwZKjdekXc830fZ5Hkil_gyjUC_lkT5&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:a734b200-6b45-4e6f-b1a1-7ed6444b80a2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:74; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:26 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 150245
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 12:55:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A2hsoIuIAQAA8wH81ITQCmUwavdHyf9SuZob_T8I1x1abf5tUl3EaNC4UsolAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|5ed6a59d0fb1f34296ddce7a5e0c5a4ed896f2b5; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=duilZfQ4fvfBtZQOt0JWcUCA8%2f+iJ8kvDntzFYftX24%2fZfHlXwzHKjn7UCmvRvV1; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:26 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3e_kf175_11680-35184
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
104.110.27.78200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=55207
expires: Tue, 06 Jun 2023 04:15:34 GMT
date: Mon, 05 Jun 2023 12:55:27 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
104.110.27.78200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=909367
expires: Fri, 16 Jun 2023 01:31:34 GMT
date: Mon, 05 Jun 2023 12:55:27 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2156
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 12:55:27 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=3o+q83u%2fmCJLhgLCmv8AiA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=3o+q83u%2fmCJLhgLCmv8AiA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=455B8B4DFA2A9CD11B4EAE8D63EED8BB~-1~YAAQjtAXAowy7YqIAQAAfXGgiwr2c10g0sNM9RQUjxjn8BtE/ZfO25T3qR6iUIEGgrJ6gjjiYNQs9ivzmfBiyVWG6swQb43s0MSDEMpZzFOaVJOvup7h0R17a+LW4UlAzdnRYjV4lxUFK/w9M09unliSdByr+TmddfHensblFuQmM2BLm8sU6pGUVwL4xeYZEOsD26PqDAa0nEqLbxZNQ20NIkeyGOfe2D3Ke07yzTONeh+lrswLnPDX/7SvxSX8dK58QReMIeOEvGxYS9NTHuu/iqef4sy1ChjL4EOlPOpVkmL1IoBgD6H7xfd5VxfbyZ5TNo6OB8xxFkwT8WLMij0G2e18BaT+zDRrDwWZoSw5yhSyUfIhzLSd89mSCME9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:27 GMT; Max-Age=31536000; Secure
bm_sz=0570D03923B3359C043F369AB9E17524~YAAQjtAXAo0y7YqIAQAAfXGgixTZ2YxUzxEZjnV4WaejzeSw1kWfEHoqACkpDZhMXtiWz6LfUd2jEYxRPbBmSmsx/+v9vhD8WwS17p51Y3qwo2DT7KV6JynOMiKQs4DS88z9Sik+gnhv2+DC8oBqz6pDV73a48GxWMPqheuRD8ZLXvu77T2VVaodf9SQuV/Q/mA+/APRmtZSXkScd/mBeHwNcaNzZaveBjAzR9ml1arXgcIfwI7PlmRX8Yo8J/TXs0pZ/Q3X9UTMTxNIezwoceOdfpDTdCQcS7iT9MK3k82o1QElQw7I~3355957~3422006; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:27 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb3f_kf175_11950-45165
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
104.110.27.78200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=909334
expires: Fri, 16 Jun 2023 01:31:02 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
104.110.27.78200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=804111
expires: Wed, 14 Jun 2023 20:17:19 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
104.110.27.78200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=909196
expires: Fri, 16 Jun 2023 01:28:44 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
104.110.27.78200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=909322
expires: Fri, 16 Jun 2023 01:30:50 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
104.110.27.78200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=909198
expires: Fri, 16 Jun 2023 01:28:46 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
104.110.27.78200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=909479
expires: Fri, 16 Jun 2023 01:33:27 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
163.171.132.220201 Created 18 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2682
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=zrgItKqYD3Iie9Fh1IOqhw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=zrgItKqYD3Iie9Fh1IOqhw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=2E4F8FCE82122F26F1BAB296E02F257A~-1~YAAQjtAXAqAy7YqIAQAAcHOgiwoQ8tAZzrGbvQEltMTZGvIdoVgUgGGa5M9U1XRZ6BPCslYAGUiJC1r7oA3RZFH7Em+T1klgEoUCgSuTocaiSajmnG3DCHzU+bsxKhL2L8utYyQ47lOzQxl5TFOPtlzoOQ831LZZX2eAHG94b4js8OTMwVj0WXPzRTn5UFmbRXn8CGp5badXmMl+FCpbWZlZB/qWqbZp+SHhzLGALHaYWian4u9m8hWO4/FeH1VfH0o0t3ELaJFyuzAYLsmX+4n6P5BsPNdzkVg7NSAfeu1tu7SZcGzZRzVrqd2/siAo8LMVMcie4mtXvHVY+MO6jzBZFA83JRoOcNirgXnKMHr6k7ElBE2Zsj3eL7HNGbS6~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Max-Age=31536000; Secure
bm_sz=73B4C1C2009283F23AD8146760822EC4~YAAQjtAXAqEy7YqIAQAAcHOgixScia6koGiugP58oKVrg54dtmvqo2IEP/Oqe6kRbKHkZ5NVE8/xd8aAJFgiGmymd6Uj0WsTn8DaCaKCUfIgMaEuCqqHzHWhL8jbNMug+jZBAT/CMEFbAoQQ7uVHkmsvSykKCTuvHJenP4l/IAyutUIkPpggOmEeeDt7lh63b3T95s+uEtlASw7VtG1ChYO8f6OreO9FgYQMBbM5ItMcDsLhBA3XxEHoRvUzi8+UFfBrILPG26EW2enJkB1Twy8NUfh8MKh2LcBPYSV1EebKhDS76tiE~3749175~3294003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:28 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11950-45175
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
104.110.27.78200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=909216
expires: Fri, 16 Jun 2023 01:29:04 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
104.110.27.78200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP 104.110.27.78:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=909164
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Mon, 05 Jun 2023 12:55:28 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
23.36.79.34200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Mon, 05 Jun 2023 12:55:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Wl7LfNzlG2kFFN13mOPybVCj1x+p7AhkBq4T4wA%2ffH294tPtoFyaF%2foQvw1p94pK; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727858&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727858&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727858&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=fSrVOHH0dyWftqwZIRs3JS1h7iJoQvjFqOXigke4uFj5%2fYw+hH5W%2fMBXRWrCqIKb; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11680-35219
c1.wfinterface.com/tracking/gb/detector-dom.min.js
23.36.79.9200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Mon, 05 Jun 2023 12:55:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=U2SxSJV78gO+6Dq%2f+QjL9g%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 944 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2362), with no line terminators
Hash 770c504e20eff3808f9d04eb60d3c61e
0efe2e3a51ff13b64b1a13287f36a1820f4753b8
89314a2d9dcb9cdd0983b116e0c121ef32b561d9541fb33e3038784855cb2d32
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 944
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-f79a0b81-98ab-46a1-8f1d-0c370a65a0e1' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:158; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:868bf049-f29f-4521-b4f5-face67366550; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:868bf049-f29f-4521-b4f5-face67366550|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:17; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=F85321E1495012B5AA187156826096B0; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230605055528820013039; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:55:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!U+dSw9Hp9s1fyr0Gl7IZxfIs0wroUZ8Lb/EOEPUyYOH28urX8vomMSx2USifqJU+wxd6fMSqwiEpFBg=; path=/; Httponly; Secure
DCID=42EYB4mA1Uj3QUCuUGCp6uzFmG9SbaEqUShQYZTzFjY%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
_abck=052283956BF16C6659EC4AC7E4BD22E8~-1~YAAQjtAXAqUy7YqIAQAAuHSgiwrc44OduHdzvn3rt8l7GXOCy8dvR52Eh1K89XBujvVzEcf5BzlElEuxqhWuqoSskeLW/xyhvXP14f/yhCfEM9QDmpdRZb/CCagmkFSHE7y/06MKcTA5/rA0gzgqz46uOGixz4FcRN6GOu20U0aEbeIWwytQviAxXYALT1eV3kbG0NmeGGzxnX8vTDAiaNULIKyTITWy4TyvmltULOzVNn3gfekoBP8YclanVdm0jA2EZTUCRMFivmtioOaztTBAJQlJNkZtUKToyXmR1pBntNkQlitdI3qPWmiiDmpC/j2hfuYUCosTc3PFtCTi3gjIBRQZgvs0gTP9kDr35LoluySSNpPp2wvScovnynUU~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Max-Age=31536000; Secure
bm_sz=E8658F5EB97A2B0190C120492F1FA290~YAAQjtAXAqYy7YqIAQAAuHSgixTow/5Mf4+AXYYowGQ453elwNY0syRGdeFYUuVS51UzKcHicSpDNpo7vsgW9hQ9zwNzNeAtuRAqtQ0sqto6/mrSIIU63dctiuQWQ2pLFWXdv5E1hAC+gQfivjBJq9wE81Hb5VZxVotLwZ1qxxSoSHUCl2qj54VigdU004j6I4pgVcu2SRQ74aNKSYAiQ7uGVyXcp0sJWpfP3l+pI9leUZQhWFezD3sjI0dxuqCrFkJApvoEyIh6wLiQrMvpztHK3fVEfTcTA3j8q3NtahIwZNEae4Zr~3749175~3294003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11950-45178
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash 70aa48037cfc2a395a9dcfb6090d6dbb
72bd1fa7404393fe90c08e10a26338d990c878fb
4eb1b9c326fd1d7d03d3b3b43ccc3701bb120878d7f2c7ee108a8790834feb8f
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-b503ba2c-dc0d-4b52-bd58-a978c7365e21' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:158; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:efe7f2a9-c505-4c8f-8723-7ddb383a1c40; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:efe7f2a9-c505-4c8f-8723-7ddb383a1c40|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:64; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=BFBFAA0A3DD902A3D2698F5F7C0D72C9; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050555281181611712; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:55:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!YNZ9b43jZMXctb4MntjHYqEj2JIOPL8XgSjZBdtBwlPP8YqztvCZs+2YgBg2Sy+33/8sDmzIa4a6fss=; path=/; Httponly; Secure
DCID=YL3Phm3cfW791fTu0TwYgCbLB%2fUypK7fJZTYd5JtPDlP0NLotVjrFgQGtkdpLcaU; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
_abck=1A4DAA7A1E8EBCC549ED248488A0BB79~-1~YAAQlNAXAg3kNHeIAQAA73Sgiwp0/Bddn0GAvkS3hfAY9wshWuyeKcPaL2vriKoj4jDjHycU5aFU4I7PfopCXBWGRlz+CcWF0Zz/qGG44SzpVo9y3uTItfXWogWdsp+/1GKE9ejYm43lNB2FTimMjD8giZdRaMMmaKvThiq8CDddTq8pGz/RkyJ9+34/9hNPhOIttxu9Wx9xZoofgpX6sJXT27EgI/Oi3iknvzDEkU+GzTwMSUSz8Qks2XIWGTlCXqY7rRBqzqitdxgZOSxSKre3NpfqD/ssvtD/n/t++XHbWO92PmfrkLfg/jDXN599TiNoq1WuaTyI9bZxKkn4xmuPXDFcOzF5LDMvmqEvOSKEIFSpJfb3nEcG0z9cNWZm~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Max-Age=31536000; Secure
bm_sz=672078BE68BA7798247EA537BE5F63B2~YAAQlNAXAg7kNHeIAQAA73SgixTHMl+a94OBQZTeAKarxg1u2PDlCH/PtbV/vbttYB5ssD7pGFGUR3pjHAmdmhDaLp+J9A/MN2oxP3V5ECVpePvI2kZMO+neZ6HjPPPULtxGX+ohNxWC1todHN9YrzYm17pEvxDi84PEG3y6in7+EgObz3Pvs7uEvvCFBf1kJnHHTellGlNqcJ2hAxMAmEpObAvgCJR3/6znOC41ZmcQ7yBiAT4blzc5g8rVU64cCZ5MAJAQDbeJ69CPBL4/bd/pfeS0aSQLvQnK0h0AE7f4x45W8hD0~3749175~3294003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11820-8007
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727935&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727935&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727935&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Nw2phVfnHfl7%2ff9So8bTMdID6buy9HYdQh4cVJdInnhjT6yceJAP5VwdDWWQE8HG; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11680-35227
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
23.36.79.34200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:55:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=pZ1VBCvz5MTSrHAeeaiBBQ%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
23.36.79.34200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:55:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=umPHQppfHCoeXKrFsEeFPQ%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:55:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=rkNw%2fShehXy4KuhdGO2fng%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 944 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2362), with no line terminators
Hash 3377318a4a9155d679dde800272eefce
c33db77dde941adb93cdcf6c727996034685d17a
1a4c1ccc3a01a13b6d6eebca85a77ed82fae5ba329a3f18e640cdaf0650a21f8
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 944
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-535cc49d-9158-4761-b2a6-457efb064bd2' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:158; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:218ae28d-4563-4f01-a134-2a181f6dc064; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:218ae28d-4563-4f01-a134-2a181f6dc064|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=F4B6FF4FDB45A8EC7D1CDEA94C0F6501; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230605055528534908542; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:55:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!RoK80ielUM9nyCrz2xKqB3cO2dndHjQXSMAXEwCAwFxYQM3tgaVHMOuWTWILxGLNj5QsdP9eY645bWw=; path=/; Httponly; Secure
DCID=8FTUhFq9X1NQUwXNgQxrjnKROrmbyICDxGSJQ1j5rJHxlF%2fJwfKlM10H8Yq5L0R6; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
_abck=86516023E0501DC9B2C9C6DC41BF88DB~-1~YAAQjtAXAq4y7YqIAQAAXnWgiwoNrZMUm9O6D6XrayzzslBySJcqo4lSnEi7Ts4zsYdjCmpzafxB41IUbmUCesePpIm0bSVgxj2mhCRm13ExLOKINHyw/QylgrKqOYwDM2e1s8GT6nSVGytePz9pxasoDMAy9s3lAbU2Z6ZlWyyw1JNYlODyHcCwKJSvP9ADxWxDc+Mk0d7YLopBDlxyVbBPa0JynUfb6nkCF5ovbezQBmX2IFZD9guxDLf5UpeorylU1ax9zhnpJGa3adI9X8rDMNC5y9iFEnHwY3JsH7QbSGqRB6K57Rkom9YdEbVkl1aMcfYzm/6d36PUM38hU6oLMVTbTRRctoR1PJQNu0VuaYkMOwhVHLtdeiyWOnAe~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Max-Age=31536000; Secure
bm_sz=33BB91230FB2C25B358785BD92524977~YAAQjtAXAq8y7YqIAQAAXnWgixTu1wjcZREoPnkwlhQWKuXmlGPXaqzHppqCMqm3k3cAxYoi7hPPfkr1YgGIZdBajWgTI8OFLUsGYWi1iirXbDIYPqr5o4XKFo9qHm/99fZXW4YVAfnqeF5PGu26ApICicVMMZFc6kvb7Lep4+a6J7K5xJAzHTt9oCuKKbCFO3F/qtFZ+N2gelZfQVNB/a1Pee5/2V2PRtgjoVylA1e4nqtFPsmqqdJa6hvIRFlScazZeIQllrUggRkU+GhRSWduWnJYQRTbylRkuUNcSIF0eVzzqwKh~3749175~3294003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11680-35225
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727944&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727944&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727944&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=d0OMnQA0UxH%2fvctxedwrbCyUjjspUV8j2HeKesYqggz6aY4QRosZ9nGgQgq1ErXl; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11950-45183
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
23.36.79.26200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Mon, 05 Jun 2023 12:55:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=VjIvBtZvHULmnrbUbNCc1Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727938&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727938&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727938&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Bdzy4ANs9QrpiSawV1W4y%2fFJoDZe%2fH2fVsuGPGfwo70XjjeUYeWPTO3b1ITm3Mxb; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11820-8013
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
163.171.132.220200 OK 968 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2437), with no line terminators
Hash 89e2f9ee1a558fa41bffc6d537c20be5
c0d6e1e9cf8b4aa2afe944543d170ae3bb145152
1909db1bdebf2ed59ecb7e2cf4771acfe6cda12df811494d1487409659586712
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 968
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-2d789158-1d39-4059-8790-6a48e4874d95' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:158; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:aabfcd3c-23b5-49cd-8769-f86d412ef57a; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:aabfcd3c-23b5-49cd-8769-f86d412ef57a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Mon, 05 Jun 2023 12:55:58 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=C7211E0CC099262250705DA2E00F243F; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050555281218734267; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:55:28 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!fU+tl7tM6/fjhqzz2xKqB3cO2dndHpaV56mOJeMhfGBvwC2Xd4Moxp7+TOwZ/elLncnQrNlvtwrxP2U=; path=/; Httponly; Secure
DCID=gQDvk5yqhvy8kbeZB7v7UtxitASyA5lY3pdOmf3W4nxiaaa1AXdV7pX4QYbiFF9q; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
_abck=AAFF58B5F0FAE7C5FF793B2B4AEF6BAE~-1~YAAQlNAXAhjkNHeIAQAAnHWgiwpkqQxdBoUOEQuaHgaU+dxOxNbcH5rdJ5Vo+1Et9VHCW04oZf4pz6cGOUE3wxl9Bd29Mo4f55SqFS1ob/xYqtrbRX+i/nMhyTea1ko3FUYLDAP+UMWmwUGzQ2NQjmB/SKODuIKrsFFAOAXkQdGa5TolyuSEJhjq51LSrb4bF1vP8kN3FcAX84ZLm3J7XcbDyGG+nbpJoQhlLXfdbBc1oVEajjMWMXXVQzGmI6b+ZWl8LmRgm5xu0XbupOYyri+SmxDkcZzeV6p2nO/kVVPN/+GvrIW2rdIdTHglkcpBGxr8u3xkbLZaXagKUBJ2y36qhs+O1ZlK94WlTLhkz3mIDyrbbGtsXlHuTR0tn6ur~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:28 GMT; Max-Age=31536000; Secure
bm_sz=2B5D7716AE030A20E42476A774B4013B~YAAQlNAXAhnkNHeIAQAAnHWgixSHju1UCGbmh7quEyGfa4c0vzdbhBZ/3OEFypFerMUbXNJNBvk1yjB9m/9/QH8jX5uni9oCO9xHVlGeGg8w6fbn8BaY7CDYRiVdn3KM4N2OiFNfduhuj6sPIDTN9+axh4BBgWOMUn6veF6dVajcpqun+PYiAcWl0ustTJU/qcedt4C2eCdt7sTborPCfJvkX7q9yDhwrRZ/x2YOUbzOdOLmNn9xgwob44ovWuiA8RtaNbQM6mT4zrROmyC0rRPWJFzq6SIOw9Vav6O+G/CkbJ3SB3lW~3749175~3294003; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11844-5869
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
23.36.79.34200 OK 151 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (151149 bytes)
Hash 501a4614d92b44620b11d48d0bd136f2
12d978ce0d1b52774c05a22f649175117826e77d
3d560b6bcb68c133594b214b7ed209f63f683b4efa9367465f0f07f4fb948370
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:55:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A7FzoIuIAQAAVnFa-fseEs-vn37RN7CXkNpwOHSRl8ju3LeXRwYEFX6hAxYfAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|b6aa11c227f461ef066e0276e300cd5606b6c436; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=rTWNQrbA9T7NBJkJ%2fxWEw%2fHB1dRvsPzgprV387V7GPI%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
23.36.79.34200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Mon, 05 Jun 2023 12:55:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=+g32%2fXPeUFo6PPaxm1KMlANsbAiL0h47EqYtm7EPAt4%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727948&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727948&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727948&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:28 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=eWtmBrL3yJuRxbeSqqEzl2gUceB2Ky89TAIuYIfhePlvprR+lBCIlhifJN8WgHbL; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11820-8015
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
23.36.79.34200 OK 308 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 308 kB (307653 bytes)
Hash c85014374233a557bb0c3371506bb5a0
aeb987debdb406b79606440a165a027770ee03c7
79c53c9a2acedfe344e6246a510b6c7a687fb868006a15f7afd5886a1b88abf1
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Kme7Ufbb7mMw44X+Xa39rzp2yrknHnr+QHR6sQu3ccxXQdrpmgn1XrBYxPvZF+Ki; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
23.36.79.34200 OK 331 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65446)
Size 331 kB (331228 bytes)
Hash 6ef479c44379f2b9baec883c473a53dd
6d971f4dc64d2a685ca927c90021ebaa601c2726
11b00cbc413cf23b0f7d71dd7f65469d1eae548afbeaa034f0261307093d1d24
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=h4qWUVONoGu2cW7Ba7qHo%2f33f%2fYg5bSlRmFy08cJ+Yw%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727958&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727958&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727958&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=WUuFiuPXZYLZQIt6GhOS9ZHCCOrJncj%2fBDabonUYQuToQLQnVHI3YhHDEPx6kgfl; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11680-35235
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727963&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727963&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727963&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=iOTc0cLWAmiCECItt9XuJDD%2fQl4PZES9YbaKiSqyw8o0l+ghUzdZ5GsxY1xiTmSa; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11950-45187
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=9ba75541-6422-41fb-861e-b93370400cbc%3A0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pv=2&f_cls_s=true
95.101.10.104200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=9ba75541-6422-41fb-861e-b93370400cbc%3A0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pv=2&f_cls_s=true
IP 95.101.10.104:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 56df8cd392073a143f3085dec767a9d8
a22fdd4e94eb324bae0589959290f2f33b8b51ff
8bf1e09d184b540c3b3d9c0dcd4fb2946cf3a1b439d6bc6fb2874695651764ac
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=9ba75541-6422-41fb-861e-b93370400cbc%3A0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!RQFdezkXG3JVDLx54TfMmyz5FQ342YeMDx986plFWgl43PE5BmvlHb2rl/delV6pu05ZmHl6j/e2GGs=; path=/; Httponly; Secure
DCID=1AjvLRCluCILWmHlPhRLSnTheB%2fCsH4gx8iuVzIXOIU%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727972&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727972&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727972&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=oHNgWVkt84nuTSClmsP2UsZEc1+5GWWgzuGVZ3j%2fFQh1u7u9NO+uWd%2fU%2f0UU5D2V; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11844-5873
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727968&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727968&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727968&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=HCBxhsvJkVzlqbAF%2furYsqLy3K7UVkfFGIl9hGVVAGmPrEiYDGqPld3TVJ4rK+7J; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11820-8018
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727954&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727954&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727954&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=dOuKI4w5mJ0bBs+pzPkTT3eRyrfuu0RE9KDVHRgH88rqMBrZDcSDvlxpdjJA7Lb0; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb40_kf175_11680-35232
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/jsLog
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/as/jsLog
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/jsLog HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 166
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:2$_ss:0$_st:1685971528422$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C45434343852140244073912584457040026287%7CMCOPTOUT-1685976928s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ03UbljiA7F8CmqgBWiqM9NHcqk%2BASDkQt9rhSR5Z4%3D%22%7D; ISD_WCM_COOKIE=!RoK80ielUM9nyCrz2xKqB3cO2dndHjQXSMAXEwCAwFxYQM3tgaVHMOuWTWILxGLNj5QsdP9eY645bWw=; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f; _cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; ADRUM_BTa=R:27|g:218ae28d-4563-4f01-a134-2a181f6dc064|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Length: 0
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-4dddbb10-1a6b-493f-9c9f-a04056c3688d' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: ADRUM_BTa=R:27|g:218ae28d-4563-4f01-a134-2a181f6dc064|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:00a29d78-dbae-4c68-99ab-50f814c089c3; Expires=Mon, 05 Jun 2023 12:55:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:00a29d78-dbae-4c68-99ab-50f814c089c3|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:55:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:55:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=68261829EEF6CDBF4BEC5700498487E9; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:55:29 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050555291244953148; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:55:29 GMT; secure=true; SameSite=Lax; HttpOnly
ADRUM_BT1=R:27|i:206915; Expires=Mon, 05 Jun 2023 12:55:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:38; Expires=Mon, 05 Jun 2023 12:55:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206915|e:38|d:0; Expires=Mon, 05 Jun 2023 12:55:59 GMT; Path=/; Secure; SameSite=Lax; Httponly
DCID=8dNG6EcEWqfthIQsNN+dbyU8XJvtM1H2tXWo49UkfVg%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
_abck=804BFB452CB87B69DFDD1A26370BD67F~-1~YAAQjtAXAr4y7YqIAQAACHegiwpEUImuNy129g0+RzAL+X4v2c6xajGFIjA2KR4wRvjTzS165GGex+xWWdRhnlTnqVZlhXiVG3BaNyHQ+zaP4ouuxOzW5CkGeTL0Igi6CdsUO4oMXGn4zjWxF+XZYux0cA9jq/+Oe3rJapqZJSXVMT0tMgaIjI1aeQMYgX0V/c13hvTOnZjwgoeYIdsmAcJoBz45srzyubew3pqNmWo7ME+K82F/o5nVkkA2Y/KgGz5WaGrdNs1WD4aUBJFv9+MT+PPmwb1ip09pEWW9NIj+1TOwOGEQrwV0G+ljsnCzlNI7fqZujNY7ouw178lHILNxLtlQ2GEdHk3vylfgzVlnih4rxoYfkgJVDaFfu+YN~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:29 GMT; Max-Age=31536000; Secure
bm_sz=3A5389AFCEA701FE7D5A81C2610F8237~YAAQjtAXAr8y7YqIAQAACHegixTEQRN2/DkexzhUoH9NYMO+F8TauBzR9MqEDi5MZ+eXqj806a7OIAThpMM+bKcEIcozUru8oca3pmKtMqW8dd3z+2PF85WtwqHI77+VPJNjxgSkmb3jbRmKPXmisivFYbZVbX1aK52Z+ddqZp48e01Hu6Eto0Yf99FCHRXBr8/K2p4J2Y2u71HVRAcfsidf4W2Q7fte6YKQxzWvtHRhBl97ZnHUnTcINf4c6M2edrtj/UTq3oYVMnBlYTNtz0y3BL+bJUS5BYQt/l7HZmWcMivSBO8Q~4273476~3617604; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb41_kf175_11820-8019
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727977&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727977&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727977&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=SInJroLso1XjCRvYf4YgKL6IVYmxvPtAQsukGEgT6%2fjGhX87P%2flN6rX3d2HvrXsH; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb41_kf175_11680-35241
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727982&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727982&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727982&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C45434343852140244073912584457040026287%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=L9rhS+WRTccBfrSRxbLNoCzSsmvk%2fNQAwDQn3YpN3hCNYHNTmWQ6vISyeLloRP7D; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb41_kf175_11950-45206
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727987&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
163.171.132.220200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727987&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F&cb=1685969727987&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; ADRUM_BTa=R:27|g:6aa298cd-392d-4ac9-80a8-a708b0f1ff6e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:158; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C45434343852140244073912584457040026287%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:55:29 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=r7hyhXbTXhy1l2fxZBew%2fJcdFtPLrI2XcPzuHkA3hgedrONswtvw8mBlS%2fEalfp2; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb41_kf175_11844-5875
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
163.171.132.220200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ebb6845b1657cc3e51f4fd8fec963e88
2c0b79417df061c20b8f67f3a127a705a20d7f47
3da52828ada8ade7c25f81a8102da60a6ab33d6bd0121af0015b9a25e660ccf4
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------112896469719376796974176569395
Content-Length: 171
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:1$_ss:1$_st:1685971527792$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C45434343852140244073912584457040026287%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ03UbljiA7F8CmqgBWiqM9NHcqk%2BASDkQt9rhSR5Z4%3D%22%7D; ADRUM_BTa=R:27|g:868bf049-f29f-4521-b4f5-face67366550|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:17; ISD_WCM_COOKIE=!U+dSw9Hp9s1fyr0Gl7IZxfIs0wroUZ8Lb/EOEPUyYOH28urX8vomMSx2USifqJU+wxd6fMSqwiEpFBg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:29 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=s87vpDyvN2Zc41kOru%2fWkFMfizrCLtVp+lX3EufzPAcCqyZJTyJemjPPqnw18PCB; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
_abck=F5A5D3BF0138DBDCFA6C707EDA2801A9~-1~YAAQjtAXAsoy7YqIAQAAh3egiwqUAyHSWx5lJ1tX4ZbJkDYbRdkggKPfsXozRDFOn2cdYEmVe86qQsn4aHTrDMjr/3eE6NqG7UMAZlLKavMPPn/gPQQsEM5sZzqBquq5NA4Oi19RucXE6bG9Ur1UpEcqaabaf4O8cFY8V2cN+rtcNRBhkZb9f8wvRDOlW9erfI2f6hTOzxGn/CMdW1xZCo95WGeQYnzSa1LvR1I01ClWkrak4RT4dqGHFSGZ0liNftmWGmODcEA9BCJLJrzy0XIITVcfohpvyIU+knGU1Drnso9ULwlp+oAInCLIdgkKfCGBUzGJQ35+AjXa0m/mi3ze5ssFnrERtypU0cmUXv+vwL7ZsTpRuJVO/gUTBBE2~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:29 GMT; Max-Age=31536000; Secure
bm_sz=FA055EFC85AAB6DE082FFFF89BC3C867~YAAQjtAXAssy7YqIAQAAiHegixR+dBsGniXZfDOKLlU7Hcmmy/mhSgBIABzkCtAh1qDy+ph9w3RQa9rGRwXUsD2Wo9r8odAgGsn+ED3K8oueNK3cnfa7+CCEoN6S+8JpadhHg4Yep4s4ax7HQT9fDOT7QSyrDhB7oibhtwCp3kGyHlLRyB1wW17jGRxy1sIE12sYaZ5jO0SWZOt8t0keLBDQsEHUTqhBRAbBH+dLKp+asUzfCfqBQHrzejjHlbTUQA5zYovF7gTdiQKO5jEzmPYCv5hLX2ci+f/NK3B76xJGY0ZzQkN2~4273476~3617604; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:29 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb41_kf175_11820-8021
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.34200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=2cqM8gu4Le7Or0zg2FPqId4MZKIMRH83+s4+t7wj1c4%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
23.36.79.26200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 23.36.79.26:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=R1nIbUN5ye3WneWMOY0juA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=HMwzzUPY0iDoM8RgbZWBQg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=x6jXY0NhaidP2wQ7J1LTsQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.34200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c2b9581cad1c01c699dc505cfeb5f96e
1649bfa835c2ab0b033a9ba5cd5b249c53f95316
7ca62252bbbff932948f49cf25bff30fc3d7c8e6c7c05339fd26ab3f8f773d8d
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37187
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=i7PeGjQNb32gi9GhTkK7FwU3GeL1MpC+lc4w205SW4q3M3XNtPBHJfbVCs3wsHVn; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.9200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=illhOyK3jyNaP765hlujAw%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ga.js
23.36.79.9200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=3MJ%2fRJPam228PKRK7ae%2feA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.15862553302248783
23.36.79.34200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.15862553302248783
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash a6571ceda5fbb0586caefd143c309850
ca7aa1371c1585979aaa82c2e3c5aac5dfa51697
9dcafd6d90d7cd67069a701158afb29ee876baba6dc18fb0338c5f58e89bfaec
GET /PIDO/pic.js?r=0.15862553302248783 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52523
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=o6Rf8%2f1KVUKAHrOmzvCayD+nW8xVrXn8NhH8AhnJg78%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=1&cfg&pv=2&aid=
95.101.10.104200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=1&cfg&pv=2&aid=
IP 95.101.10.104:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 56df8cd392073a143f3085dec767a9d8
a22fdd4e94eb324bae0589959290f2f33b8b51ff
8bf1e09d184b540c3b3d9c0dcd4fb2946cf3a1b439d6bc6fb2874695651764ac
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2802
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; _cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1144
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:55:30 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!yZpEioSS4A3cHFd54TfMmyz5FQ342bgbWum99d27vt5LwJIAMkXNwZESaNY0mbvmpDLZXu5Px/6WnUc=; path=/; Httponly; Secure
DCID=9C3iS7rrQyuSC%2f500QQUUgWGEm4Kv80oXtaM2WVT2K4%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8737971530773246
23.36.79.34200 OK 137 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8737971530773246
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136584 bytes)
Hash 306d242906ebff79a92dc0b6ac33e813
6578ca84030c576b5bbe9727e8c45a5be55d2316
6f814f05f4e14c7362c9f97981910b14ef875166bed18e92d35562b117ccefc8
GET /AIDO/mint.js?dt=login&r=0.8737971530773246 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136584
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:55:30 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Rw6NIbUpHJOCyz%2f23P%2fQtcTCzWNZTcecI6tx8E8hy0A%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:29 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
23.36.79.34200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash ce46e6d3d816eac0b1d9a140e0ccac24
5239b9d28bd13b0547fef64368c8d99760ddedae
54a639960701e9a8609bffabcc5a87a26a56508eca26d5fcb16a374ae1504869
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17957
Date: Mon, 05 Jun 2023 12:55:30 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:f980862f-afa2-47d5-b662-288084879e78; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:f980862f-afa2-47d5-b662-288084879e78|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
SameSite=None; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:4; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=gnOu0bjlUqgLuFPp2bwUlcBf0dN8tHmjn7VFXysk7OY%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:30 GMT;Httponly; Secure
_abck=6ACB99C9D0D646D83008B9248D9D146A~-1~YAAQHk8kF77dYm2IAQAAt3qgiwrifsX28pE7ZTyF4Jls6MFkYabwG3yIwm3KedI8iDnA3wjuUicAvHotJBYHjO3UDTUv+jxUxVpTkW2ztF8i3GPL/NlavG2BVLgzRXhBBBGdqqXx5OIf+InV5GiXRMc1y/QHayyI+oUzLNDl6E7PdVGhfxzJ8fUcOVnP3gcpTurWkg9CbnsWL6KvB5meHI05Wf2j/t/FcGKM4+21fswNwCIcw08P1/nh7P5G6rphIj+ExlN1oyXzj73hBClb8Z0q+xiLZuAHgE2s3Gn4d78ZffgZDrlCudb82sGVrgl4oHP6hb4zo5Xg9hEHpJY2mPLXWQNl1lSWlG8yMPxjef7GYi35B/zfYSa9krfBdKJ+~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:30 GMT; Max-Age=31536000; Secure
bm_sz=DB1E86D2D86022415B3E881734CCB58D~YAAQHk8kF7/dYm2IAQAAt3qgixRzSXTL52B1RUsbZtcY130QdpIrslWG3zhG8eP3Am6atsxiBkYj8UVwugEU2VS4jpQpnCO7btqGfSXFujjY7nv+v0vgvAsfwEiP/Wi2UwzTOJ8Fy1sYXXpWHzV90Eb4zZpuoVaDsUbr0WO/2m3CEK6YXnAnEsSWMMzMgs0mB1vHSXTtoZ/w1KbhKdG+VktXh6AxA0VjzpyKn5A2sSKqdveTv6ONL6vttC9sye4zOhZpdnYxwz5aK7uNtISS1EQqx8SwE8KAmleAuR99rvIxiACDDpwd~4277303~4337990; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:30 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
23.36.79.9200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Mon, 05 Jun 2023 12:55:30 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xPF3C87o+Bc7242ZwVGbkQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/ec.js
23.36.79.9200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP 23.36.79.9:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Mon, 05 Jun 2023 12:55:30 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Vz2dhhGkkYC8G3o%2fes7crA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEAxWHd5MFRZdklqaDJDVS9nRDkzWDlUbjJ6dXJpRjRJdWs3SFY5ZnJrRk9ldDVFS2ZDQ3ZCTytxZk80QUJMS3EzZk9ReUlBSXRLMWdnQXlqNzN4U01WVlpaUjJJSW1vSXVsZFBzRVo3QXZQU0R3d21TQTRGWEllQUhyRHBvazFVbHNaUmNpc1ZSc2FoUlZOZDVKMjNUWklSdFY3NGlGM1dnNDVXaXYwbmkrMzNQaDRRcXNVWm4wNVovUDhvWkxPeXkxcHFpRFB5RGdxZ2RYaGxqcXphSkF6L1N0RWd6bERPcnFPVWpKQ0pLMmNHMFloU25CSzBGV0FxbnUzTkJnVENzV0hkMEw1eXZTVFhYN1gwcUM0UlVJV1BFZGJPeFFsb1E3b252OGJFPXw3NjBlMDg3YTQyY2EzMTE3YTNlNTU0MmVjOGU1YzE1MWMxZTEzNTFjY2U4MzYzMjQyYjBjYjI5NzdiYzk3OGZiZjk4OGQ0YjM5ZjZiYmIwNDU5YWVkMzFjOWEzYzU1YWQxOWJlZDhmNTdkZTE2NmQ3NTNiYTc3NjVmYmQ5ZjAzYWQ3NmE4OWY1Y2E5ZWFhOGUzMmI0YTc0NmJkMGUxNWRiYTllZGIxOTRkYzdhZDc2MGMzMDVlZWMzNjgxNzgyYmI1MmMzNmQ0MjE1MTE4NGNiYjNiYzgxMWM0MWZlZjdjNmM0ODk5ODY3MzU2NWFkOTM0NTYwMzMzNTkxNzMxMTVlMDgwOTQyMWYxNTI4NzA4ZmFhYjA4ZjViYzgwNjdhN2IzYTVjNmIzODA5ZDIyOTEzMTUwNjM5OWM2MGI3ZjAwOGQyMWU0ZGQ0OTY3ZmYzMDU0ZmEwZTFjNmM1ODRjZWRkYmE4M2Q1OTM3ZWQwNzk3M2JiNGZhMGY4MDI1MWFkYzZjZTdhNjliNTZmOTVjZWNiZWVhOTZkMWJkYmNkYmIzMDMwMGY1ODM0Nzk5YzgzNGUyNzc2YTAyNGRiNTlmNGExOWViNjhiNTU0ODIxZDE1ODNhNDAyN2Q3MWRiMjZlOGVhNzM4ODhmNDk0MGVjYzUxMzhkYTM3ZjRiYzZkNjQ3MHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com&t=jsonp&c=xrqirnkmmxbbxpwz&eu=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F
23.36.79.34200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEAxWHd5MFRZdklqaDJDVS9nRDkzWDlUbjJ6dXJpRjRJdWs3SFY5ZnJrRk9ldDVFS2ZDQ3ZCTytxZk80QUJMS3EzZk9ReUlBSXRLMWdnQXlqNzN4U01WVlpaUjJJSW1vSXVsZFBzRVo3QXZQU0R3d21TQTRGWEllQUhyRHBvazFVbHNaUmNpc1ZSc2FoUlZOZDVKMjNUWklSdFY3NGlGM1dnNDVXaXYwbmkrMzNQaDRRcXNVWm4wNVovUDhvWkxPeXkxcHFpRFB5RGdxZ2RYaGxqcXphSkF6L1N0RWd6bERPcnFPVWpKQ0pLMmNHMFloU25CSzBGV0FxbnUzTkJnVENzV0hkMEw1eXZTVFhYN1gwcUM0UlVJV1BFZGJPeFFsb1E3b252OGJFPXw3NjBlMDg3YTQyY2EzMTE3YTNlNTU0MmVjOGU1YzE1MWMxZTEzNTFjY2U4MzYzMjQyYjBjYjI5NzdiYzk3OGZiZjk4OGQ0YjM5ZjZiYmIwNDU5YWVkMzFjOWEzYzU1YWQxOWJlZDhmNTdkZTE2NmQ3NTNiYTc3NjVmYmQ5ZjAzYWQ3NmE4OWY1Y2E5ZWFhOGUzMmI0YTc0NmJkMGUxNWRiYTllZGIxOTRkYzdhZDc2MGMzMDVlZWMzNjgxNzgyYmI1MmMzNmQ0MjE1MTE4NGNiYjNiYzgxMWM0MWZlZjdjNmM0ODk5ODY3MzU2NWFkOTM0NTYwMzMzNTkxNzMxMTVlMDgwOTQyMWYxNTI4NzA4ZmFhYjA4ZjViYzgwNjdhN2IzYTVjNmIzODA5ZDIyOTEzMTUwNjM5OWM2MGI3ZjAwOGQyMWU0ZGQ0OTY3ZmYzMDU0ZmEwZTFjNmM1ODRjZWRkYmE4M2Q1OTM3ZWQwNzk3M2JiNGZhMGY4MDI1MWFkYzZjZTdhNjliNTZmOTVjZWNiZWVhOTZkMWJkYmNkYmIzMDMwMGY1ODM0Nzk5YzgzNGUyNzc2YTAyNGRiNTlmNGExOWViNjhiNTU0ODIxZDE1ODNhNDAyN2Q3MWRiMjZlOGVhNzM4ODhmNDk0MGVjYzUxMzhkYTM3ZjRiYzZkNjQ3MHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com&t=jsonp&c=xrqirnkmmxbbxpwz&eu=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash ab4cfe1043365a9bfebb279a60a0c395
5a3bb1f6d2eeaab1fb826681e584fa5d62ccdd9b
17cf92022c0537a8682d5099d985d03ececf718907cbc50493578ea4c8f1e023
GET /AIDO/vyHb?d=ZW5jZEAxWHd5MFRZdklqaDJDVS9nRDkzWDlUbjJ6dXJpRjRJdWs3SFY5ZnJrRk9ldDVFS2ZDQ3ZCTytxZk80QUJMS3EzZk9ReUlBSXRLMWdnQXlqNzN4U01WVlpaUjJJSW1vSXVsZFBzRVo3QXZQU0R3d21TQTRGWEllQUhyRHBvazFVbHNaUmNpc1ZSc2FoUlZOZDVKMjNUWklSdFY3NGlGM1dnNDVXaXYwbmkrMzNQaDRRcXNVWm4wNVovUDhvWkxPeXkxcHFpRFB5RGdxZ2RYaGxqcXphSkF6L1N0RWd6bERPcnFPVWpKQ0pLMmNHMFloU25CSzBGV0FxbnUzTkJnVENzV0hkMEw1eXZTVFhYN1gwcUM0UlVJV1BFZGJPeFFsb1E3b252OGJFPXw3NjBlMDg3YTQyY2EzMTE3YTNlNTU0MmVjOGU1YzE1MWMxZTEzNTFjY2U4MzYzMjQyYjBjYjI5NzdiYzk3OGZiZjk4OGQ0YjM5ZjZiYmIwNDU5YWVkMzFjOWEzYzU1YWQxOWJlZDhmNTdkZTE2NmQ3NTNiYTc3NjVmYmQ5ZjAzYWQ3NmE4OWY1Y2E5ZWFhOGUzMmI0YTc0NmJkMGUxNWRiYTllZGIxOTRkYzdhZDc2MGMzMDVlZWMzNjgxNzgyYmI1MmMzNmQ0MjE1MTE4NGNiYjNiYzgxMWM0MWZlZjdjNmM0ODk5ODY3MzU2NWFkOTM0NTYwMzMzNTkxNzMxMTVlMDgwOTQyMWYxNTI4NzA4ZmFhYjA4ZjViYzgwNjdhN2IzYTVjNmIzODA5ZDIyOTEzMTUwNjM5OWM2MGI3ZjAwOGQyMWU0ZGQ0OTY3ZmYzMDU0ZmEwZTFjNmM1ODRjZWRkYmE4M2Q1OTM3ZWQwNzk3M2JiNGZhMGY4MDI1MWFkYzZjZTdhNjliNTZmOTVjZWNiZWVhOTZkMWJkYmNkYmIzMDMwMGY1ODM0Nzk5YzgzNGUyNzc2YTAyNGRiNTlmNGExOWViNjhiNTU0ODIxZDE1ODNhNDAyN2Q3MWRiMjZlOGVhNzM4ODhmNDk0MGVjYzUxMzhkYTM3ZjRiYzZkNjQ3MHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com&t=jsonp&c=xrqirnkmmxbbxpwz&eu=https%3A%2F%2Fwww--wellsfargo--com--4u49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 05 Jun 2023 12:55:30 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=HzPscJNCmgDbN8BriUew+UuyfSdTi7zaNJ7IRj6ot54%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:30 GMT;Httponly; Secure
_abck=FA23FFEAA873EE0A07BEA4169C30B288~-1~YAAQHk8kF8PdYm2IAQAAmnugiwqWFZLEsHWxmDPZs5Hi4XK2e5zkIQyWWVThhZcgoIoIXU6TeOkH5eSe6oRf20Xc9QIfB9G09t0ZC8Ly/JGmiwKUwt47l3zs3clWlbSddfXNTnJXFDVq/UJMh4aKIScuA2viYwA2ppqVFWwyeJDdKD/Bvnk75mOckpNSDZXm4/5ceKVTUZCIs0Cbpu2ZDE0qip6+/lOLSnXPiOigX86PT/RIHQurbzGB0ywI46FIJU08AM0ELOrkSkjNT/nlU5XJrw2lBeWoCVHbp40JRH54ah6PYR/+vcl2E7i8pM2wqsdf1oh7ep+4/afgBCf4LoQL3IyqXJkB6tCeHC0S6i8rmPtxau/KT9GvkXBLswOX~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:30 GMT; Max-Age=31536000; Secure
bm_sz=43A6D1C84DD7591D4E8EEFE90CAA92AE~YAAQHk8kF8TdYm2IAQAAmnugixQGZ1oWaAkXLR3POdgJCAmrFTXI6FhMhGJkqRAGjK5v+xey1HimYoxBz0GitY8YUKR4A0IJUKe/MopnkqTQlUYCxryyz0L/WXqM2OFRRAHFXZPWAFu91yYp4gVQnRk8BI4HaPWpB479O0/8VR/0lzLyQL6pMmi1a66p+gCU1pgofptSOPhcyII1G9rw5oUn5rmHATJ827TjCrNcgp5Rc7EeZMA4WcLSratW5CZ+xF6c/oq9heADfq9wTZnWH0dfQs2KBOhPSOH1TgpmRF2vzD391UpR~4277303~4337990; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:30 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ort.wellsfargo.com/securereporting/reporting/v1/csp
95.101.10.211 0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP 95.101.10.211:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 9687fd86-71fe-4c10-7721-325c270017e4
X-Xss-Protection: 1; mode=block
Date: Mon, 05 Jun 2023 12:55:30 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:932abe9d-745f-46d3-a634-b72ca2d9e373; Max-Age=30; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:932abe9d-745f-46d3-a634-b72ca2d9e373|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6; Max-Age=30; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6|d:5; Max-Age=30; Expires=Mon, 05 Jun 2023 12:56:00 GMT; Path=/; Secure
DCID=16p6jhbmZgmnVsY+VT72u8u9XVlkvQ8FEHxU1KLk5BI%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:30 GMT;Httponly; Secure
_abck=15A1CD40EF2839114485AB58D4C639A1~-1~YAAQzwplX8z8x2yIAQAAsHugiwos/jPdSxmnS/cVAz6pKAXo5Ym1wHvyaL1zwistINPBwvqXLV3YJgjbOee4bmReSCGuqXkiJ5fu8p7ENMRbazMuxplMCSZwQnNnHCdirJWMeoMpbwS4kYtGOXYeEr/vq2qzpN0JCaKFP5fLKPdVpa8TC3hv//Lbf57ZolRKbaRjT/N2Qo7Qc1jB4v8+vjYX5TDZfhOOAhJWsOQnXD0gbf6xsfeXv0Vc73zuFbXfmZgGW4FTpTRizqbmKuD9oWLX5vkrTYm6/Ew+vI8bRur05T0k7uL0r46R2sqjmm2bV025SMxnkL/rOmG7aPBpNFz1X7SuuFLbXEG/9iGR5feAJRtWCko0Zoxr9cqwlcO9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:30 GMT; Max-Age=31536000; Secure
bm_sz=799F348C27115F25AE0186843E113CFC~YAAQzwplX838x2yIAQAAsHugixRuKq95fdjSuM7/LkKsOpT/zlA72fk0VPY7Z5Toxj4bQ7AysQ5wnnZT2i7kOdxJoppu7fkrs8TUq2fCKnsRuG+/Duh4Ex7NKtPmToXJRf1WMHUmzI2xQJrXhMcZbSTlEhE24MbwR0iigA0gFErD9hX641V1MlXT5tDClWF4zoq8n/LI42OGsbxRbXNFZ7EPWDwIQpMnmj33bbiM2XlR/IYmkkwH42H84rnkdiJ6NhS1AeRwOMa8tteVcd7CmOAEN2ZacvQKIwlQ3llCzuakhMJrebBW~3748403~3354929; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:30 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
163.171.132.220200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash e4552fcab7f15372d98c4a8ec5aa60f6
ba9e10e74f6ccc39ec877438fa45035ebeff15d9
70af4952c1d53262967b7cb4a4b5f0560edac6d0f3d716845976b6946e84cbad
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 648
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:2$_ss:0$_st:1685971528422$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C45434343852140244073912584457040026287%7CMCOPTOUT-1685976928s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ03UbljiA7F8CmqgBWiqM9NHcqk%2BASDkQt9rhSR5Z4%3D%22%2C%22_s%22%3A%22RhtuQ6dF%22%2C%22c%22%3A%22ZnZzbWVPcklVR3Z6cktRaw%3D%3DuOfMAqmkc5Xx7rCBG5IBlRIAJiH1Mhl-m3wnYc9T6p2zQtYb_rPcDdZnele7V7za55Whra71PUTSbEfZ2cUZbv0Z5p9eMSXTqW4%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A10000%7D; ISD_WCM_COOKIE=!fU+tl7tM6/fjhqzz2xKqB3cO2dndHpaV56mOJeMhfGBvwC2Xd4Moxp7+TOwZ/elLncnQrNlvtwrxP2U=; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f; _cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; ADRUM_BTa=R:27|g:00a29d78-dbae-4c68-99ab-50f814c089c3|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:38|d:0; LSESSIONID=eyJpIjoiR2RhOFZBemlleGxsMENsc2xCTldNQT09IiwiZSI6IlIwWmZhN1hCUzlHMTFRVHRMNVZwVGVxMjdnSEVvV1hzckdFalpncTZkYW55MTZRNHJyK24wZGoxWUlDYlBXekMydTZWeEFCOG40U0g2MFdPZ1wvakZEOXJZY01QbWpWa2ZTN2VYa1RDaVh4TklQRkhFa2IrQjlIUzdKTXFManZ5S2FXbWZjZXNkZFwvXC82YmtYbUc1dDlwdz09In0%3D.b045187dd8fd9fb5.NTYzYWE1OTE0ZTAwYTliMzY4ODEzYzA0Y2FhYTM5MzIwMTBiYzg4M2Q5YTIzYzNmYTc2YWUwNWYwNjIyMWNiOA%3D%3D; _gcl_au=1.1.1876657265.1685969729; _ga=GA1.2.959202677.1685969729; _gid=GA1.2.41586115.1685969729; _gat_gtag_UA_107148943_1=1; ndsid=ndsarkqxd8899oliiuuhg8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:31 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=98tdzi3NtC094NIw%2fqZ6g4w+nDmbVIUy7yjED36HrtjjHwpmdoQp+18T64wsgqyn; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:31 GMT;Httponly; Secure
_abck=42F03E74A2FCA6FA58618606FB6340C0~-1~YAAQlNAXAurkNHeIAQAAm3+giwr08vSD3TbK7CGDVioXRSSkqHqaPATdHBqazUU9oO2vIDB6cXR4QlLiVksbcMFAugwN3hjIUEZA/Kl+WYmexuS+v7wx2lRHSUxYCZSn+A4+wA6rZoD+7ZFUhGsGyJ7rzCqWP0ZdeixoaPUMa/N2TEjWy31UYAL4gnQp31DTkpKjZauk2ojiiagOYw106ft0mmnW9v62T5cSmff3K0kQ4ZwsIeoIw45n/mSptXQi6loq9dB6A4CPlCHMCQGIMuv6970k5HUMbxF+mtStdSeCX5l2NYB3eTCpQ+gBKZOcrPeDM3ki9Ma9eeVM/Mv+Gfe9b+da56GlvQ86mOLqb1iu6MnF0ZrsXGwqnrbmLKc7~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:31 GMT; Max-Age=31536000; Secure
bm_sz=62B5E5C79D1B550A6C4A117DDDEBAFD4~YAAQlNAXAuvkNHeIAQAAm3+gixTZd7w9SDYC5cpa0pIjKfmkEpJLxsHaN9EbTwDrCSKwHl87WVR28+lbaI/su2Y1bLB349WK0uvyU7OnhMnjwZx0JGB/xSYuuMqAD/P3vACWiETL4CiojC2Vrj/YEwVClbDYHMcU1La0C1pVd3oosHD2YbB1dYkfZZS3vvv2+TaPGMVjm7ioDwhjQWQ7HoxV3CsXKOqMlMGAPTCQ1l9El6y8fntDjKtGSZEXODmTZRG/VsCU3QqbeEOqEvt4xYtPa7OA1CA1hTPYHLmS9LEsdTclLpZ4~3556656~3555890; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:31 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb43_kf175_11950-45282
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
163.171.132.220200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 0205aab8060bb3dc34e593b68816fe7c
83d2086715988040c2be75956d6e809afa683b78
4daa74469e59f356ad6e7876b85c4b3dbbfb71ef04b4709314f62637a134cc46
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2050
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:2$_ss:0$_st:1685971528422$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C45434343852140244073912584457040026287%7CMCOPTOUT-1685976928s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ03UbljiA7F8CmqgBWiqM9NHcqk%2BASDkQt9rhSR5Z4%3D%22%2C%22_s%22%3A%22RhtuQ6dF%22%2C%22c%22%3A%22ZnZzbWVPcklVR3Z6cktRaw%3D%3DuOfMAqmkc5Xx7rCBG5IBlRIAJiH1Mhl-m3wnYc9T6p2zQtYb_rPcDdZnele7V7za55Whra71PUTSbEfZ2cUZbv0Z5p9eMSXTqW4%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A10000%7D; ISD_WCM_COOKIE=!fU+tl7tM6/fjhqzz2xKqB3cO2dndHpaV56mOJeMhfGBvwC2Xd4Moxp7+TOwZ/elLncnQrNlvtwrxP2U=; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f; _cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; ADRUM_BTa=R:27|g:00a29d78-dbae-4c68-99ab-50f814c089c3|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:38|d:0; LSESSIONID=eyJpIjoiR2RhOFZBemlleGxsMENsc2xCTldNQT09IiwiZSI6IlIwWmZhN1hCUzlHMTFRVHRMNVZwVGVxMjdnSEVvV1hzckdFalpncTZkYW55MTZRNHJyK24wZGoxWUlDYlBXekMydTZWeEFCOG40U0g2MFdPZ1wvakZEOXJZY01QbWpWa2ZTN2VYa1RDaVh4TklQRkhFa2IrQjlIUzdKTXFManZ5S2FXbWZjZXNkZFwvXC82YmtYbUc1dDlwdz09In0%3D.b045187dd8fd9fb5.NTYzYWE1OTE0ZTAwYTliMzY4ODEzYzA0Y2FhYTM5MzIwMTBiYzg4M2Q5YTIzYzNmYTc2YWUwNWYwNjIyMWNiOA%3D%3D; _gcl_au=1.1.1876657265.1685969729; _ga=GA1.2.959202677.1685969729; _gid=GA1.2.41586115.1685969729; _gat_gtag_UA_107148943_1=1; ndsid=ndsarkqxd8899oliiuuhg8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=8cFLvzUqtNClWcmtOYgGp8kpWHTVp5Op8uGI1b30WzE+HPv36Fp2AKNWeYwetHVU; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:31 GMT;Httponly; Secure
_abck=097BD49E828BF0E062AE53E589FA8FDF~-1~YAAQlNAXAgLlNHeIAQAAb4Cgiwqa3ACt2X4RlwH9F4QZTlgmxbHrMJ4+iYb7RQOF/2E9QCEUFK7NcxC0FWkKcCZOhNIraBx195JwrMVF4X3Khg0P31jyrcKHSTVgHYLjoGEUeLhRXppPNnExLXDmjRvc3tGLLS881jGucBa5JehZuZpcnOtB4IT0ny5QxD02v37L5EKFMHRTr2+smAvMx0JgVHP/ggZRInv1YHHY2XDN7xR4tAptSfyR+sVXjUsjqjoDNXEe6+PzMIfzxQ98+WIgV9iITdj8X3zav5yK4DIoj1Bje5pscMVHB2rSBNZY4bf9JTd+va3lLmxcCFtq6MdlfN+xeV35//JYCKcubZz953RfL0X5OMeGE0K883be~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:31 GMT; Max-Age=31536000; Secure
bm_sz=1D653CA96B2BC9C9FBE8373CFFB3053B~YAAQlNAXAgPlNHeIAQAAb4CgixSA65fza/QPzQ15Zj7hzb+zmYumLHC2RHIUSmgYQ27PqRCvjzcU1faObce52lUrV8Uia4M3K8v6/GIt3OPoVUwIzwquM90yUBzdiOF7297Hh1Bh6U+P/P6SCRhFJNSuZSW0VxIgAFjgSxvC7ILRyJCAZa4BdXpIfCqW0hj3AgIOauFurngkukJC33IX30ApIe7WI92VTGtP6hMjn3CeHadqWQmiBYto/tYf4F7EgwkcizY7TOSI9KoK1VVEJPBG8mKsOQdQp05LoF0VOwO7gldI345l~3556656~3555890; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:31 GMT; Max-Age=14400
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb43_kf175_11680-35307
www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
163.171.132.220200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--4u49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP 163.171.132.220:443
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--4u49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Le4Z5iMaAuCfpyQv/BdPMOHVwv+ySXMG29RBBrHZCmch/TwzPGE6NhXbk8Ofko0VR3B60WX2gSVIgao=; utag_main=v_id:01888ba0712f00096cbcc6ca91ef05046003700900918$_sn:1$_se:2$_ss:0$_st:1685971528422$ses_id:1685969727792%3Bexp-session$_pn:1%3Bexp-session; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C45434343852140244073912584457040026287%7CMCOPTOUT-1685976928s%7CNONE%7CvVersion%7C5.2.0; dti_apg=%7B%22_rt%22%3A%22DQ03UbljiA7F8CmqgBWiqM9NHcqk%2BASDkQt9rhSR5Z4%3D%22%2C%22_s%22%3A%22RhtuQ6dFwSrPUH%2FV7WQFmX7%2B%22%2C%22c%22%3A%22ZnZzbWVPcklVR3Z6cktRaw%3D%3DuOfMAqmkc5Xx7rCBG5IBlRIAJiH1Mhl-m3wnYc9T6p2zQtYb_rPcDdZnele7V7za55Whra71PUTSbEfZ2cUZbv0Z5p9eMSXTqW4%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_fr%22%3A20000%2C%22fr%22%3A%227FFk9Kd87NMmojtd0HfpIA%3D%3DxTQ6X49rBI2lQBKgnPk5in_BWKEy93pKUPUGkPBI2q_Ben1iD1MTz7a1SEVft5cCn7iOxK0pxHmh87QppDa80zYvnKDX88wIQywJfnzDcg09FIi7kXQKjU4XwkUl_GiU9GeRyBzyZWlewPFa-IcO9SwuCIi0w4VtsKpU-tsm0MCJRJBAfWEKR2D-%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAviX4xKg1n8N%2Fk0%3D%22%2C%22diA%22%3A%22AUPbfWQAAAAA9odr6XYPLkhFJMfz35M8%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%7D; ISD_WCM_COOKIE=!fU+tl7tM6/fjhqzz2xKqB3cO2dndHpaV56mOJeMhfGBvwC2Xd4Moxp7+TOwZ/elLncnQrNlvtwrxP2U=; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f; _cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; ADRUM_BTa=R:27|g:00a29d78-dbae-4c68-99ab-50f814c089c3|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206915|e:38|d:0; LSESSIONID=eyJpIjoiR2RhOFZBemlleGxsMENsc2xCTldNQT09IiwiZSI6IlIwWmZhN1hCUzlHMTFRVHRMNVZwVGVxMjdnSEVvV1hzckdFalpncTZkYW55MTZRNHJyK24wZGoxWUlDYlBXekMydTZWeEFCOG40U0g2MFdPZ1wvakZEOXJZY01QbWpWa2ZTN2VYa1RDaVh4TklQRkhFa2IrQjlIUzdKTXFManZ5S2FXbWZjZXNkZFwvXC82YmtYbUc1dDlwdz09In0%3D.b045187dd8fd9fb5.NTYzYWE1OTE0ZTAwYTliMzY4ODEzYzA0Y2FhYTM5MzIwMTBiYzg4M2Q5YTIzYzNmYTc2YWUwNWYwNjIyMWNiOA%3D%3D; _gcl_au=1.1.1876657265.1685969729; _ga=GA1.2.959202677.1685969729; _gid=GA1.2.41586115.1685969729; _gat_gtag_UA_107148943_1=1; ndsid=ndsarkqxd8899oliiuuhg8; _imp_di_pc_=AUPbfWQAAAAA9odr6XYPLkhFJMfz35M8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:55:38 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RwrvIpLP2Y4gK7OJEZucrtMvIeyYsVi2a8ROWAQNglBKc1yQ9CMpszllQF2Fm6Gz; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:38 GMT;Httponly; Secure
_abck=788A60C6A62AD54DA8D02F6707426D43~-1~YAAQlNAXAjrnNHeIAQAAlZqgiwotTcN4GZvhmuatm2yYcG79UMLM4ZunkgCfQ0mUcQwtGDAa11zbh/VtwBFKrEEtuiWd3nQ8G2oPp3Nm7WgD6VxcWoJv7zfl7PVk9x1dgOYB4+R45bmJVTAnXg6OCiGeqR2BC/p41vMUEirO4fW4GiTdfLapfOzwpz9Jy76XTA9HGtXugpwLoPsDDE5M/sQ6bWHIV1FDQEjfNgTeho3hw6dm2A5E0tQ4piYY93sg2HmUD+jE9Sbm5BqQU9QGXYj/y9bvJgq3QIliQpK1YNdJTRw/daQQFfwH+6LHy+LqvxxIop67ILpi7PC3V0cVGN6EEAvDsFZBESkuyVs+x82r1/a6g/i4mhdslJqLHipl~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:55:38 GMT; Max-Age=31536000; Secure
bm_sz=0362458FC7D2E310A95F63555495AD5A~YAAQlNAXAjvnNHeIAQAAlZqgixRhRSuUueSpR9Lt/uHoxUIT9z7mWDDgNkBuHBiojXeJx2fb91uKSs12B9z6Ji/2GEIeeqkfSKkH24C3OZIvrcMit6lnuDpbfreomF1cgSzYSmap0Fku41r274egLv+ZbHAgkKXutDRL4RUQ6ciFA+PXu/3dk7mBnCnxBHytSZHzEIpeOXuqkHuHUhyF1KDcQ9FJUdBvDSUYfh04zp5PXn1Xh4s4Oej6/UURS1I+kx+ZnHZVym9/WCUIGPyouUUbuIQ3VV6MolbpLoXhqr8P1rNw0t0s~3621687~3621699; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:55:38 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647ddb4a_kf175_11950-45479
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=2&cfg=32a3f9ce&pv=2&aid=
95.101.10.104200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=2&cfg=32a3f9ce&pv=2&aid=
IP 95.101.10.104:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 3c4150af7b5c92e7e91b05f1e25eee58
ffa7fe11dbfc59b105e6c5a9cfcf552722fafb4a
8032ee4a8c6cfff0ed3663e0c4cdc5008cb9064573dd7a7f24b4f9fd51450630
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34771
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; _cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:55:39 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!w8hIG9f4lk8SLPzpnNE5eVRfS7HzYzv+kkjNdb1Osp+9pUxyvSm2BEGdXwWkPsWAP0hisaZ0BZGaWw==; path=/; Httponly; Secure
DCID=QG2Ts86puo27PZ6sGF6iptU8aisT4v+UGOMSXXxpmWnZg8swF3B4GMn6Fx+5imNk; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=3&cfg=32a3f9ce&pv=2&aid=
95.101.10.104200 OK 164 B URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=3&cfg=32a3f9ce&pv=2&aid=
IP 95.101.10.104:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 3c4150af7b5c92e7e91b05f1e25eee58
ffa7fe11dbfc59b105e6c5a9cfcf552722fafb4a
8032ee4a8c6cfff0ed3663e0c4cdc5008cb9064573dd7a7f24b4f9fd51450630
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0&_cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f&pid=b374ffa7-5d0d-44f9-a644-57306891f9ec&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 11765
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_s=9ba75541-6422-41fb-861e-b93370400cbc:0; _cls_v=ad0e9b93-4dc2-40d5-b564-7d84d8110d7f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 164
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:55:40 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!7HJhQpldTCAyjGV54TfMmyz5FQ342cZ8MUrZTEm1/qFOPJIQ70Q4Wr7iXTmsftg+jPRgvkxipz56REo=; path=/; Httponly; Secure
DCID=drKon+7hxwaRD%2fxZbQrOkAQxPM3sISJsXYClPvwUo9c%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:39 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
23.36.79.34200 OK 951 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP 23.36.79.34:443
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 951 kB (951038 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:55:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=XGZLkP9KE%2fv4L8bgtAVipEYKfNm0VX5KeIG9cnYUp3c%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 13:10:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
35.167.151.61200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP 35.167.151.61:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 12:55:30 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 2
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
35.167.151.61200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP 35.167.151.61:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 12:55:30 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
35.167.151.61200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 35.167.151.61:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 13685
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 12:55:31 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:bec481b5-f72e-4062-9ba2-a6f7232ea3bf; Path=/; Expires=Mon, 05-Jun-2023 12:56:01 GMT; Max-Age=30
ADRUM_BTa=R:55|g:bec481b5-f72e-4062-9ba2-a6f7232ea3bf|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Mon, 05-Jun-2023 12:56:01 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Mon, 05-Jun-2023 12:56:01 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Mon, 05-Jun-2023 12:56:01 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:4; Path=/; Expires=Mon, 05-Jun-2023 12:56:01 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
35.167.151.61200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP 35.167.151.61:443
Requested by https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 1535
Origin: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--4u49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 12:55:36 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:717018fc-8325-463c-88ce-ab5ce24d06ad; Path=/; Expires=Mon, 05-Jun-2023 12:56:06 GMT; Max-Age=30
ADRUM_BTa=R:55|g:717018fc-8325-463c-88ce-ab5ce24d06ad|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Mon, 05-Jun-2023 12:56:06 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Mon, 05-Jun-2023 12:56:06 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Mon, 05-Jun-2023 12:56:06 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:2; Path=/; Expires=Mon, 05-Jun-2023 12:56:06 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 1
server: envoy
X-Firefox-Spdy: h2